too many registration attempts used up too many resources -- denial of service, essentially...
I'm not completely opposed to sip, I suppose fail2ban could work. iax2 has been *so easy*, though...
On Tue, Apr 24, 2012 at 4:53 PM, John Knight <[address removed]>
perhaps offer me a reason why I should consider SIP? (Every
time I open port 5060 up my * gets attacked.)
You're pretty clear in your bias against iax2 so I'm not going to
argue there. :D If you want to continue using iax, that's your
business and none of us can tell you which method of trunking is a
one-true-way best practice.
But I am genuinely curious: in opening port 5060 were you actually
hacked or did you get ddos-ed? If you were hacked, what method was
I've deployed a large number of hosted Asterisk systems and beyond
someone using a poor peer password I've never seen sip get hacked
merely for being open and we're pretty much constantly getting new
scans sent our way from RIPE.
A strict regiment of security practices (no all-numerical passwords,
not allowing anonymous sip connections, etc) has never failed me in
ddos attacks are another matter (though not inherent to sip, this
can certainly happen with other services) and I find this problem is
best handled externally from the actual pbx via the use of a
firewall. Some people swear by fail2ban but that doesn't actually
help much for thousands of attempted registrations clogging up the
On 4/24/2012 4:27 PM, Jeff Otterson wrote:
It looks like Junction
Networks is jacking their monthly rates beyond the pain point
for a poor home pbx operator.
They've been good, and quite inexpensive, for years, but it
seems I must part ways with them now.
Can anybody recommend a reasonably affordable source for
Or perhaps offer me a reason why I should consider SIP?
(Every time I open port 5060 up my * gets attacked.)
Please Note: If you hit "REPLY", your message
will be sent to everyone on this mailing
list ([address removed])
This message was sent by Jeff Otterson
([address removed]) from The Atlanta Asterisk
To learn more about Jeff Otterson, visit his/her member
Set my mailing list to email me As
they are sent | In
one daily email | Don't
send me mailing list messages
Meetup, PO Box 4668 #37895 New
York, New York[masked] | [address removed]