FreePBX responsive firewall
-
FreePBX added a responsive firewall a while back and it is one of the features I really like about FreePBX in the current incarnation.
I have a new install setup that has been up a week now with only 2 extensions on it and nothing else setup.
Just received this email.
-
16 attempts before it goes to banned? That seems like a large number.
-
I have not looked at configuration beyond default.
-
Fail2Ban rocks for stuff like this!
-
I like the responsive firewall a lot. Does a great job.
-
Agreed. Probably one of the best things for happen for VoIP security in a while. I set fail2ban to be extremely limiting for SIP attacks. After 2 or 3 failed attempts, your banned for a day. REALLY cuts down on attack attempts.
-
@fuznutz04 said in FreePBX responsive firewall:
REALLY cuts down on attack attempts.
That you see. The attempts are still there. I am sure if you monitor the blocked log it would be big.
-
@JaredBusch Right. But once they are blocked/banned, the firewall drops the packets/stops responding altogether to that IP for the duration of the ban. At least then it stops them trying to register against SIP.
The responsive firewall really does wonders for those moving around on soft phones on their cell phones as well. (Always has a different IP address)
-
My IP is out there now for sure. Six more blocks this afternoon. All blocked after 5 attempts.
-
Someone might have talked about fail2ban somewhere recently.
