サーラリマンは働き過ぎ、社畜化に注意しよう!!

asterisk Failed to authenticate device ブロック

asterisk
スポンサーリンク

攻撃のlog

[2020-09-17 12:09:24] NOTICE[2020][C-00000005]: chan_sip.c:26377 handle_request_invite: Failed to authenticate device (;tag=1618708269)

vi /usr/src/asterisk-13.27.0/channels/chan_sip.c

変更前
if (res < 0) { /* Something failed in authentication */ ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", sip_get_header(req, "From")); 変更後 if (res < 0) { /* Something failed in authentication */ ast_log(LOG_NOTICE, "Failed to authenticate device %s (%s)\n", sip_get_header(req, "From"),ast_sockaddr_stringify(addr)); すべて同じように変更する 変更前 if (res != AUTH_SUCCESSFUL) { ast_log(LOG_NOTICE, "Failed to authenticate device %s for SUBSCRIBE\n", sip_get_header(req, "From"),ast_sockaddr_stringify(addr)); 変更後 if (res != AUTH_SUCCESSFUL) { ast_log(LOG_NOTICE, "Failed to authenticate device %s (%s) for SUBSCRIBE\n", sip_get_header(req, "From"),ast_sockaddr_stringify(addr)); vi /etc/fail2ban/filter.d/asterisk.conf prefregex = に以下を追記する NOTICE.* .*: Failed to authenticate user .* \(:.*\)

コメント