Jump to content

Recommended Posts

Posted

I'm curious if there is a web based service that listed IP addresses blacklisted for SIP hacking attempts?

 

It would be great if we could auto-submit and have our pbx be auto updated with others.

 

Or am I out on a limb?

 

Matt

Posted

the alternative appears to be each pbx admin creating a list on their own.

why not share the data? ;-)

 

i have to agree there are endless sources of attacks though. I alone have endless sources...! ;-)

 

#1-is there any mechanism to import a list of IPs to black list into pbxnisp?

#2-is there a simple way to block a specific country?

 

Matt

Posted
the alternative appears to be each pbx admin creating a list on their own.

why not share the data? ;-)

 

The PBX is pretty quick blacklisting someone. After something like 10 attempts the address is already blacklisted and the damage is limited.

 

If you want, you can forward the email about the blacklisting event to a clearing house. However, I believe it makes most sense to feed the firewall with these addresses, so that the PBX does not receive any traffic at all.

 

Anyway, I believe the solution we have right now in version 4 is pretty okay and customers can run the system without worrying about someone taking the system down with a simple robot script.

Posted

While there may not be a simple way to block a specific country, for my version 3 installs, I went to http://www.arin.net to figure out the American networks, permitted them, and wrote a rule to block everything else at the firewall. The list is not that bad since they can be summarized into 8 bit masks.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...