Newb: security issues

Hello! I have a problem with security of my asterisk server: i have calls from internet to unknown numbers from “no-extension”-peer, which look in log like

Sometimes caller uses 5077 port.
Which configs i need to provide, what do i need to block or whatever i need to do to stop calls from unregistered users?
Version is from CentOS repos.

First line defence, don’t have anything useful to a hacker in the default context. That may already be the case.

Second line of defence, make sure allowguest is set to no, unless you have a specific reason otherwise.

Third line of defence, restrict incoming source address for SIP traffic to be your ITSP. Do this an tne network boundary router.

If that is not possible, install something like fail2ban which can rate limit some attacks.

Blocking network address ranges associated with high risk parts of the world may also help.