[Freeswitch-users] Receives call From Unknown Extensions
David Villasmil Govea
david.villasmil at gmail.com
Wed Dec 24 13:50:36 MSK 2014
Hello,
At the very least I would say need to install and configure fail2ban
urgently, it block ips which try to authenticate and fail. This saves you
from brute - force attacks.
Regards,
David
On Dec 24, 2014 2:19 AM, "Luis Daniel Lucio Quiroz" <
luis.daniel.lucio at gmail.com> wrote:
> Dont worry, your are a target of a kiddy script. As you dont use
> numeric extensions, they wont authenticate. And as you are using
> multitenant, they should be targering the IP (as domain, for example
> 100 at 1.1.1.1) instead 100 at yourdomain. So they wont be able to
> authenticate (if multidomain is on).
>
> CDR will still show the failled call. Its normal, FS is reporting a
> failed attempt.
>
> 2014-12-22 17:55 GMT-05:00 Thomas Auge <auge at virtues.net>:
> > To eliminate the guessing, check the logs which route the calls took
> through the system. It should contain the clues you
> > need. You might need to up the log level a bit ...
> >
> >
> > On 22.12.2014 19:44, Lloyd Aloysius wrote:
> >> Fail2Ban is running in the system
> >>
> >> I do not have any default dial plans or extensions.
> >>
> >>
> >>
> >>
> >>
> >> On Mon, Dec 22, 2014 at 5:35 PM, Thomas Auge <auge at virtues.net <mailto:
> auge at virtues.net>> wrote:
> >>
> >> Do you still have the external domain enabled? I think it routes
> external calls matching a specific number theme (
> >> ^(10[01][0-9])$ ) to the internal users through the pre-installed
> dialplan. It listens on different ports (5080/1).
> >> Config is in sip_profiles/external.xml and dialplan/public.xml.
> >>
> >> I see an insane amount of brute force attempts against our PBX', so
> if there is a way to get anywhere, you can expect
> >> people to try it - over and over and over ... I can recommend
> fail2ban. :-)
> >>
> >> Just guessing though, if I'm wrong, someone more knowledgeable will
> probably chime in. :)
> >>
> >>
> >> On 22.12.2014 19:16, Lloyd Aloysius wrote:
> >> > Hi All
> >> >
> >> > I have a multi domain setup. We receive calls from unknown
> extensions (eg: 100 , 101,1000,1007 etc ).But there is no
> >> > voice in it.
> >> >
> >> > We do not have any default extensions in the system and all
> default extensions removed from the system.
> >> >
> >> > Users are authenticated by alphanumeric (like an email username)
> Eg: mike at mydomain.com <mailto:mike at mydomain.com>
> >> and passwords are very
> >> > complicated.
> >> >
> >> > How someone can call a user without authentication from these
> extensions?
> >> >
> >> > Please let me know how to solve this issue.
> >> >
> >> > Thanks Lloyd
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> _________________________________________________________________________
> Professional FreeSWITCH Consulting
> >> > Services: consulting at freeswitch.org <mailto:
> consulting at freeswitch.org> http://www.freeswitchsolutions.com
> >> >
> >> > Official FreeSWITCH Sites http://www.freeswitch.org
> http://confluence.freeswitch.org http://www.cluecon.com
> >> >
> >> > FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org <mailto:
> FreeSWITCH-users at lists.freeswitch.org>
> >> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> >> > UNSUBSCRIBE:
> http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
> >> >
> >>
> >>
> >>
> _________________________________________________________________________
> >> Professional FreeSWITCH Consulting Services:
> >> consulting at freeswitch.org <mailto:consulting at freeswitch.org>
> >> http://www.freeswitchsolutions.com
> >>
> >> Official FreeSWITCH Sites
> >> http://www.freeswitch.org
> >> http://confluence.freeswitch.org
> >> http://www.cluecon.com
> >>
> >> FreeSWITCH-users mailing list
> >> FreeSWITCH-users at lists.freeswitch.org <mailto:
> FreeSWITCH-users at lists.freeswitch.org>
> >> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> >> UNSUBSCRIBE:
> http://lists.freeswitch.org/mailman/options/freeswitch-users
> >> http://www.freeswitch.org
> >>
> >>
> >>
> >>
> >>
> _________________________________________________________________________
> >> Professional FreeSWITCH Consulting Services:
> >> consulting at freeswitch.org
> >> http://www.freeswitchsolutions.com
> >>
> >> Official FreeSWITCH Sites
> >> http://www.freeswitch.org
> >> http://confluence.freeswitch.org
> >> http://www.cluecon.com
> >>
> >> FreeSWITCH-users mailing list
> >> FreeSWITCH-users at lists.freeswitch.org
> >> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> >> UNSUBSCRIBE:
> http://lists.freeswitch.org/mailman/options/freeswitch-users
> >> http://www.freeswitch.org
> >>
> >
> >
> > _________________________________________________________________________
> > Professional FreeSWITCH Consulting Services:
> > consulting at freeswitch.org
> > http://www.freeswitchsolutions.com
> >
> > Official FreeSWITCH Sites
> > http://www.freeswitch.org
> > http://confluence.freeswitch.org
> > http://www.cluecon.com
> >
> > FreeSWITCH-users mailing list
> > FreeSWITCH-users at lists.freeswitch.org
> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> > http://www.freeswitch.org
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20141224/537833ed/attachment.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list