Tweet
tengo mi server en no-ip
PING patito.no-ip.org (187.198.124.1) 56(84) bytes of data.
64 bytes from dsl-187-198-124-1-dyn.prod-infinitum.com.mx (187.198.124.1): icmp_req=1 ttl=255 time=1.98 ms
64 bytes from dsl-187-198-124-1-dyn.prod-infinitum.com.mx (187.198.24.1): icmp_req=2 ttl=255 time=1.18 ms
64 bytes from dsl-187-198-124-1-dyn.prod-infinitum.com.mx (187.198.124.1): icmp_req=3 ttl=255 time=1.25 ms
64 bytes from dsl-187-198-124-1-dyn.prod-infinitum.com.mx (187.198.124.1): icmp_req=4 ttl=255 time=1.23 ms
tengo confiigurado el fail2ban pero por situaciones desconosco y no banea correctamente
Chain fail2ban-ASTERISK (1 references)
target prot opt source destination
DROP all -- 1.1.1.1 anywhere
DROP all -- dsl-187-198-124-1-dyn.prod-infinitum.com.mx anywhere
RETURN all -- anywhere anywhere
pero recibo ataques de mi propia direcion ip
[2013-11-29 18:39:23] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=a7a1d8c5
[2013-11-29 18:39:23] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=a7a1d8c5
[2013-11-29 18:40:34] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=58040ade
[2013-11-29 18:40:34] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=58040ade
[2013-11-29 18:41:52] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=eb791613
[2013-11-29 18:41:52] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=eb791613
[2013-11-29 18:43:47] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=f7e976b8
[2013-11-29 18:43:47] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=f7e976b8
[2013-11-29 18:43:50] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=88763292
[2013-11-29 18:43:51] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=88763292
y asi tengo mi log grande el archivo
como puede ser esto
PING patito.no-ip.org (187.198.124.1) 56(84) bytes of data.
64 bytes from dsl-187-198-124-1-dyn.prod-infinitum.com.mx (187.198.124.1): icmp_req=1 ttl=255 time=1.98 ms
64 bytes from dsl-187-198-124-1-dyn.prod-infinitum.com.mx (187.198.24.1): icmp_req=2 ttl=255 time=1.18 ms
64 bytes from dsl-187-198-124-1-dyn.prod-infinitum.com.mx (187.198.124.1): icmp_req=3 ttl=255 time=1.25 ms
64 bytes from dsl-187-198-124-1-dyn.prod-infinitum.com.mx (187.198.124.1): icmp_req=4 ttl=255 time=1.23 ms
tengo confiigurado el fail2ban pero por situaciones desconosco y no banea correctamente
Chain fail2ban-ASTERISK (1 references)
target prot opt source destination
DROP all -- 1.1.1.1 anywhere
DROP all -- dsl-187-198-124-1-dyn.prod-infinitum.com.mx anywhere
RETURN all -- anywhere anywhere
pero recibo ataques de mi propia direcion ip
[2013-11-29 18:39:23] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=a7a1d8c5
[2013-11-29 18:39:23] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=a7a1d8c5
[2013-11-29 18:40:34] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=58040ade
[2013-11-29 18:40:34] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=58040ade
[2013-11-29 18:41:52] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=eb791613
[2013-11-29 18:41:52] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=eb791613
[2013-11-29 18:43:47] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=f7e976b8
[2013-11-29 18:43:47] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=f7e976b8
[2013-11-29 18:43:50] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=88763292
[2013-11-29 18:43:51] NOTICE[19005] chan_sip.c: Sending fake auth rejection for device 101<sip:101@187.198.124.1>;tag=88763292
y asi tengo mi log grande el archivo
como puede ser esto
Comentario