Sipscanner shows no SIP services detected

I just ran a report from

http://sipscanner.voicefraud.com/

who report:

Security report for fqdn created Wed, January 18 2017, 17:33 UTC
0 SIP services detected
0 Extensions found
0 Passwords cracked

Yes, I have fail2ban running. But, this would, I think, explain why I cannot register a SIP device to this server:

Does AWS do something out-of-the-box with regards to firewalls? I don’t recall reading anything along those lines. I’m using an EIP (Elastic IP) so that the FQDN maps with DNS to the IP address for the server. When I SSH, I just type in the FQDN and the rest happens automagically (DNS resolution, and the pub key is sent for authentication).

Not even sure how to proceed. Can I prod the server somehow with a networking tool?

From within the Asterisk console, I can see the trunking peer, they show as “ok” and “sip show registry” shows the registry string with a state of “registered”. So far as I can tell from within the server everything works fine.

Can I send a message, poke, or prod, from the server to a device? However, any such device would be behind NAT…

so probably better to poke and prod the server. But, how? What could possibly be wrong?

I would recommend using ngrep or tcpdump - they actually sniff the packets before iptables, and show if anything reaches your box (ngrep port 5060 will show anything reaching port 5060)

For ngrep:

sudo ngrep -q -Wbyline ‘port 5060’

this would monitor port 5060?

just remove the quotes around port 5060
you can also add a specific host:

ngrep -q -Wbyline port 5060 and host 1.2.3.4

1 Like