LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 04-05-2011, 04:44 AM   #1
littlebigman
Member
 
Registered: Aug 2008
Posts: 548

Rep: Reputation: 33
Question [iptables] How to block brute force attacks?


Hello

I need to connect an Asterisk server to the Net so that 1) remote users can register and 2) Internet users can ring any extension on the server.

I need a way to prevent hackers from trying to register, so the server will also have iptables installed.

But I was wondering what solution to use to block brute force attempts:
  • just rely on iptables since it offers a way, eg. "iptables -I INPUT -p udp --dport 5060 -m state --state NEW -m recent --update --seconds 600 --hitcount 2 -j DROP"
  • add Brute Force Detection (BFD), which is a shell script that is called by CRON (ie. every minute at most)
  • add SSHGuard, which is apparently a stand-alone binary program that doesn't rely on CRON

If you have installed Asterisk and iptables, which solution did you end up using?

Thank you.
 
Old 04-05-2011, 05:05 AM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,318

Rep: Reputation: 1701Reputation: 1701Reputation: 1701Reputation: 1701Reputation: 1701Reputation: 1701Reputation: 1701Reputation: 1701Reputation: 1701Reputation: 1701Reputation: 1701
Hi,

I don't use Asterisk, but I would use fail2ban. An in fact there is a regex for Asterisk in fail2ban site.

Regards
 
Old 04-05-2011, 05:48 AM   #3
littlebigman
Member
 
Registered: Aug 2008
Posts: 548

Original Poster
Rep: Reputation: 33
Sorry, forgot to say it's an embedded Linux, so fail2ban won't do because it requires Python and there isn't enough RAM for this.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How can I stop Pop3 Brute Force attacks amuhamed Linux - Newbie 1 03-31-2011 04:45 AM
LXer: Stop brute force attacks with iptables LXer Syndicated Linux News 0 04-27-2010 08:10 AM
[SOLVED] MySql-ban brute force attacks? qwertyjjj Linux - Software 3 08-10-2009 06:28 AM
Does anyone know if guardian can be set to block brute force attacks and only brute f abefroman Linux - Software 2 06-05-2008 11:55 AM
Question on Brute Force Attacks Mad Mike Linux - Security 4 10-16-2006 11:25 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 10:52 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration