26 Nov
2013
26 Nov
'13
11:32 p.m.
it is comming from "friendly-scanner" The other issue I have is that
"/var/log/secure" is not getting the sip requests so the only way I realize it
is happeing is from tcpdump. If the secure file is not picking it up then iptables wont
know about it. How can I tell iptables to listen for sip requests? I have already added
the IP to the blocked IP's but he still keeps on comming.
Thanks,
On Nov 26, 2013, at 4:28 PM, Ovidiu Sas <osas(a)voipembedded.com> wrote:
Most likely it's a bogus script.
Sometimes just sending a dummy reply, will stop the script sending SIP requests.
Check the User-Agent header and from username to see if you can
identify the script and google around for it.
Regards,
Ovidiu Sas
On Tue, Nov 26, 2013 at 4:17 PM, Joli Martinez <mrjoli021(a)gmail.com> wrote:
I am running Kamailio in CentOS. I ran tcpdump
and noticed that we are getting attacked from IP 188.138.32.72. I have already blocked it
on IPtables, but he keeps on attacking the server. If I look at
"/var/log/secure" there are no SIP messages. My question is where is the log
file for Kamailio and how can I prevent this type of attacks in the future.
Thanks,
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
VoIP Embedded, Inc.
http://www.voipembedded.com
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users