返回列表 發帖

Elastix hack

today check elastix logs other ip hack to my elastix

elastix hack.JPG
2013-11-23 04:05

Don't expose any ports on your Asterisk server to the Internet.
OSSLab Blog :: VoIP & IT Consultant

TOP

又是巴基斯坦那邊......

最近那邊好像有不少入侵人家的VoIP Server跡象......
我的log中有不少也是那邊的......

TOP

有沒有裝fail2ban?

TOP

我看了我的log, 是不是也是有人想試我的呢?
                
[2013-12-02 04:54:01] NOTICE[3425][C-00000e54] chan_sip.c: Failed to authenticate device test<sip:test@xxx.xxx.xxx.xxx>;tag=4e5bffdf
                         
[2013-12-02 04:54:04] NOTICE[3425][C-00000e55] chan_sip.c: Failed to authenticate device test<sip:test@xxx.xxx.xxx.xxx>;tag=b0a863cb
                         
[2013-12-02 04:54:05] NOTICE[3425][C-00000e55] chan_sip.c: Failed to authenticate device test<sip:test@xxx.xxx.xxx.xxx>;tag=b0a863cb
                         
[2013-12-02 04:54:07] NOTICE[3425][C-00000e56] chan_sip.c: Failed to authenticate device test<sip:test@xxx.xxx.xxx.xxx>;tag=9f1bc731
                         
[2013-12-02 04:54:08] NOTICE[3425][C-00000e57] chan_sip.c: Failed to authenticate device test<sip:test@xxx.xxx.xxx.xxx>;tag=27a3cdef
                         
[2013-12-02 04:54:11] NOTICE[3425][C-00000e58] chan_sip.c: Failed to authenticate device test<sip:test@xxx.xxx.xxx.xxx>;tag=c2357353
                         
[2013-12-02 04:54:12] NOTICE[3425][C-00000e59] chan_sip.c: Failed to authenticate device test<sip:test@xxx.xxx.xxx.xxx>;tag=7de7ca06
                         
[2013-12-02 04:54:14] NOTICE[3425][C-00000e5a] chan_sip.c: Failed to authenticate device test<sip:test@xxx.xxx.xxx.xxx>;tag=18821cab
                         
[2013-12-02 04:54:17] NOTICE[3425][C-00000e5b] chan_sip.c: Failed to authenticate device test<sip:test@xxx.xxx.xxx.xxx>;tag=9975c9f2

上面的ip我×掉了,它是隔一段時間就出現一堆連續的5-6次。

TOP

回復 5# 浮雲1965


    Yes, you are on the their target list. Block it!
RB750G, RB2011UAS-2HnD
IP01, A580IP, AT-610

TOP

回復 4# 浮雲1965


    how to set fail2ban???

TOP

now
`i will disable elastix admin login ,if hack my admin login will show

admin login

elastix nth.JPG
2013-12-3 00:24

TOP

我目前的admin login是有set ip table的,只能固定的某ip可以登入。
這樣安全了嗎?

TOP

唔想死的話, dont expose your http or https port to outside.

TOP

i blocked  some function for elastix now is ok

TOP

返回列表