Asterisk Intrusion Prevention

security sip asterisk

You are correct that " that's the way you get an actual phone to connect with the Asterisk server". Phones register to the server on the same port that's used to register with the provider.

If you are only using SIP to talk to the provider, then simply set-up a firewall to only allow SIP from the provider.

Fail2Ban is one solution but gives adversaries 5 chances when they should be getting none.


You can use the iptables firewall to block ALL inbound connections except SIP from the IP that your trunk provider uses.

iptables is shipped with e.g. AsteriskNow but can also be downloaded and installed separately.

I'm not an iptables expert so won't try to give you the full details about how to configure it in case I get it wrong but there is a wealth of information only a google click away and as your rules will be quite simple, it should not be too complicated to set up

Related

Postfix: send all bounce messages to postmaster
Why won't Ubuntu Server 9.04 won't upgrade to 9.10?
Can a TIME_WAIT connection be restored?
Determine LSN of database in NORECOVERY mode
Configuration Management Software for Linux for "harvesting" config-files
What is the best solution for backing up data in Cassandra? [closed]
Security Flaw - Report it?
What is the impact of increasing the httpd process priority (negative nice)?
Server Memory Usage VERY high on new linux dedi box - How to find the issue?
Subdomain on another host (another IP, another provider)
SAN Disk Allocation
Why can't I attach a screen session