Spam connect from unknown numbers

I want to ask how I can block all those numbers that are trying to connect.

A good start would be to adjust your firewall to block SIP traffic from sources you do not specifically permit.

Can you tell me the directory next to the firewall and what context I should look for to block this SIP traffic?

OS: Debian 9 server

I don’t understand your question, sorry.

Disallow guest calls to avoid unauthenticated calls.

How can I forget these calls trying to connect asterisk to a port 5060 / 5061?

You need to modify your firewall to block unwanted traffic.

Hi johnkiniston,
First, I know that the firewall rules need to be changed.
The question is to give me an example of how to become a lesson.
With this answer it is not clear how to change these rules.

I found a temporary solution to the problem by blocking traffic.

I’m currently blocking an IP address with the iptables command, which is

This works:

iptables -I INPUT -s 192.128.321.32 -j DROP

I do not know if it is the right way, but I know it works.

If you know a good and effective way, you can share it not with words but with examples, as I have given.


I do not use iptables so I cannot make any recommendations as to its configuration.

I feel that Firewall configuration is outside the scope of this forum as it does not pertain to the configuration of Asterisk.

Hi again,
I think the firewall has little or no need to be mentioned in this forum, yet it is part of the security of Asterisk central.
Still, if somebody picks up a new headquarters, almost 90% of them are sure to be in the mood of the problem I wrote above.

To do this, you should not overlook a firewall. And to share which settings would be most appropriate and efficient to block inappropriate addresses and constantly attempt to contact sip, trunk (Asterisk server ports: 5060, 5061).

Fail2ban is your friend.

Fail2ban is useful if you have a legitimate need to accept calls from unknown IP addresses but, otherwise, just use rules that accept calls only from the known sources.
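One way to apply the advice above and accept SIP only from known sources, as an added example that is not from any poster in this thread: a shell function that validates a list of trusted IPv4 sources and prints the iptables commands for ports 5060 and 5061 without applying them. The chain name SIP_ALLOW, the function names and the sample addresses (RFC 5737 documentation ranges) are assumptions.

```shell
#!/bin/sh
# Added example: print iptables commands that accept SIP (5060/5061)
# only from listed sources. Nothing is applied; review the output first.

# Return 0 if $1 is a dotted-quad IPv4 address, optionally with a /0-32 prefix.
valid_ipv4_source() {
    case $1 in
        */*) addr=${1%%/*}; prefix=${1#*/}
             case $prefix in ''|*[!0-9]*) return 1 ;; esac
             [ "$prefix" -le 32 ] || return 1 ;;
        *)   addr=$1 ;;
    esac
    # Only digits and single dots, no leading or trailing dot.
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split into octets (positional params are local here)
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the rule set for the trusted sources given as arguments.
sip_allowlist_rules() {
    # With no sources the output would drop all SIP; treat that as a mistake.
    [ $# -gt 0 ] || { echo "no trusted source given" >&2; return 1; }
    # Validate everything before printing, so a bad entry yields no partial output.
    for src in "$@"; do
        valid_ipv4_source "$src" || { echo "invalid source: $src" >&2; return 1; }
    done
    echo "iptables -N SIP_ALLOW"
    for src in "$@"; do
        echo "iptables -A SIP_ALLOW -s $src -j ACCEPT"
    done
    # Everything not accepted above is dropped.
    echo "iptables -A SIP_ALLOW -j DROP"
    # Send SIP signalling on both transports through the chain first.
    for proto in udp tcp; do
        echo "iptables -I INPUT -p $proto --dport 5060:5061 -j SIP_ALLOW"
    done
}

# Constructed sample: one trunk provider host and one office subnet.
sip_allowlist_rules 198.51.100.10 203.0.113.0/24
```

Run the printed commands as root once they look right; rules added this way are lost on reboot unless they are saved.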

I would suggest you have a look at the SecAst product, as it will monitor those connection attempts and can then interact with your firewall to block attackers at the network edge. Lots of larger PBX installations don’t use iptables either and block at the network edge as well - and this product is targeted at large installations.

SecAst does a lot more than just this (including geofencing, toll fraud phone number database, hacker IP database, suspicious behavior detection, etc. and lots more). It’s a commercial product but for small installations there is a free version. Have a look if that meets your needs.

(Not meant to be an advert, but none of the answers address your point about iptables)


// All opinions are my own and do not necessarily represent those of my employer,
// but since my employer is Telium, the manufacturer of SecAst, my opinions probably do :)

