Nick

@nick@shore.me.uk

Mostly Retired. Consultant. Ex Managing Director. Ex CTO.

Mikrotik, DNS, Routing, IPv6
Live Sound Engineer. Cornet Player

Based in Debenham, Suffolk UK

163 following, 247 followers

1 ★ 0 ↺

[?]Nick » 🌐
@nick@shore.me.uk

@vfrmedia@social.tchncs.de why do you have the sip port open to the world ? Cant you use firewall address lists and VPNs ?

    ...

    [?]Alex@rtnVFRmedia Suffolk UK » 🌐
    @vfrmedia@social.tchncs.de

    @nick one provider won't deliver inbound calls without it being open and the numbers attached to it are well known and in regular use (we were previously using IAX2 trunks for these numbers which didn't attract many attack attempts but the provider abruptly stopped IAX2 support without warning us)

      ...
      1 ★ 0 ↺

      [?]Nick » 🌐
      @nick@shore.me.uk

      @vfrmedia@social.tchncs.de surely the provider can supply the IP addresses they use so you can allow those in the firewall, and block everything else ?

        ...

        [?]Alex@rtnVFRmedia Suffolk UK » 🌐
        @vfrmedia@social.tchncs.de

        @nick some of them do, the others don't (I'm looking at porting out the numbers from the ones which do not provide a modern level of support)

        I've investigated what is going on and fail2ban is catching them anyway, things look worse as SNGREP is catching the packets at kernel level before they hit the firewall..

          History