[App_rpt-users] CLI help
Robert Newberry
N1XBM at amsat.org
Fri Jun 27 19:09:56 UTC 2014
OK thru some googling and reading help files I've blocked the IP address. I
then used iptables -L to verify I did it. I will monitor the CLI and see if
the see if the attempts keep coming.
Thank you
On Fri, Jun 27, 2014 at 3:02 PM, Robert Newberry <N1XBM at amsat.org> wrote:
> I also googled the IP and I'm coming up with India...slightly confused on
> that.
>
>
> On Fri, Jun 27, 2014 at 2:57 PM, Robert Newberry <N1XBM at amsat.org> wrote:
>
>> OK so I found the offending IP address out of South Brisdane, Queensland.
>> They are just going thru 4 digit extensions one by one, they file is quite
>> large. What should I do next? Block the IP and report it?
>>
>>
>> On Fri, Jun 27, 2014 at 2:00 PM, DARN SIMPLE | N0PCO <
>> n0pco at darnsimple.net> wrote:
>>
>>> As most would say "you're dealing with script kiddies" people that are
>>> trying to find a free route for the calls among other mischievous things.
>>>
>>> -----------------
>>>
>>> Check the file /var/log/asterisk/messages for some helpful clues where
>>> the attempts are coming from.
>>>
>>> Look for SECURITY[numbercode] there should be some ip addresses on the
>>> same line.
>>>
>>> You can find out more about the ip address and the subnet involved by
>>> going to: http://mxtoolbox.com/arin.aspx and enter the ip address.
>>>
>>> Do you know how to set up the iptable rules?
>>>
>>> ------------------
>>>
>>>
>>> It's more of a nuisance than anything else. Still a good idea to
>>> learn how to use iptables, it will make things easier in the long run.
>>>
>>>
>>> Mars
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> On 06/27/2014 11:59 AM, Robert Newberry wrote:
>>>
>>>> Can anyone tell me what this means in my CLI?
>>>>
>>>>
>>>> [Jun 27 12:47:44] NOTICE[2177]: chan_sip.c:14418 handle_request_invite:
>>>> Call from '' to extension '+901148422885410' rejected because extension
>>>> not
>>>> found.
>>>> [Jun 27 12:48:04] WARNING[2177]: chan_sip.c:1964 retrans_pkt: Maximum
>>>> retries exceeded on transmission 768cac067094ca767d045f9ac57d60d3 for
>>>> seqno
>>>> 1 (Critical Response) -- See doc/sip-retransmit.txt.
>>>> N1XBM*CLI>
>>>>
>>>> So I do have to extensions setup one is my tablet (which is off) I also
>>>> have my cell phone (which I have in airplane mode). Is someone trying to
>>>> hack my server?
>>>>
>>>> Thank you
>>>>
>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.keekles.org/pipermail/app_rpt-users/attachments/20140627/b52def07/attachment.html>
More information about the App_rpt-users
mailing list