大家留意返asterisk個log...

lamsoft

[Aug 28 07:42:43] NOTICE[2894] chan_sip.c: Registration from '"1394"<sip:1394@MY_SEVER_IP>' failed for '200.94.75.207:5065' - No matching peer found
[Aug 28 07:42:43] NOTICE[2894] chan_sip.c: Registration from '"1395"<sip:1395@MY_SEVER_IP>' failed for '200.94.75.207:5065' - No matching peer found
[Aug 28 07:42:43] NOTICE[2894] chan_sip.c: Registration from '"1397"<sip:1397@MY_SEVER_IP>' failed for '200.94.75.207:5065' - No matching peer found
[Aug 28 07:42:43] NOTICE[2894] chan_sip.c: Registration from '"1400"<sip:1400@MY_SEVER_IP>' failed for '200.94.75.207:5065' - No matching peer found
[Aug 28 07:42:43] NOTICE[2894] chan_sip.c: Registration from '"1401"<sip:1401@MY_SEVER_IP>' failed for '200.94.75.207:5065' - No matching peer found
[Aug 28 07:42:43] NOTICE[2894] chan_sip.c: Registration from '"1403"<sip:1403@MY_SEVER_IP>' failed for '200.94.75.207:5065' - No matching peer found
[Aug 28 07:42:43] NOTICE[2894] chan_sip.c: Registration from '"1404"<sip:1404@MY_SEVER_IP>' failed for '200.94.75.207:5065' - No matching peer found
[Aug 28 07:42:43] NOTICE[2894] chan_sip.c: Registration from '"1407"<sip:1407@MY_SEVER_IP>' failed for '200.94.75.207:5065' - No matching peer found
[Aug 28 07:42:43] NOTICE[2894] chan_sip.c: Registration from '"1409"<sip:1409@MY_SEVER_IP>' failed for '200.94.75.207:5065' - No matching peer found

有機會比人DoS...
自己要加返個cron job行返定時 check
Perl Check Script

Web Site Refer: http://www.teamforrest.com/blog/ ... g-peer-found-block/

但佢果個要改...因為佢match個ip時, 無擺埋個port number...
if ($line =~ m/\' failed for \'(.*?)\'
有兩次, 改做
if ($line =~ m/\' failed for \'(.+?)(:[\d]+){0,1}\'

我個SERVER就真係比人撞爆...

[root@lamsoft-pbx asterisk]# perl asterisk_check_fail_logon.pl
Reading input file...
200.94.75.207:5063 blocked. 447360 attempts.
200.94.75.207:5073 blocked. 6748 attempts.
200.94.75.207:5068 blocked. 18838 attempts.
200.94.75.207:5070 blocked. 1668 attempts.
200.94.75.207:5065 blocked. 7099 attempts.
200.94.75.207:5064 blocked. 9685 attempts.

Qnewbie

There are always hacking trials to my IP01 from 5 to 10 different ip addresses each week.

I use white-list in stead of blacklist. It works for a few months right now.

tsm

回復 2# Qnewbie

Ching can you hint how to setup the whitelist
i think blacklist is not possible in my case
as i find it very difficult to setup

and all connection are local and from 1 remote office in china only (use ddns)

Qnewbie

回復 3# tsm

I am using RB750G(prefer RB450G for stability if you got better bugdet). However, I cannot fix the QoS(outgoing traffic is OK but not incoming).
    http://www.telecom-cafe.com/foru ... &extra=page%3D1

Basically, all incoming traffic from 5060 port is directed to an extra control. Only traffic from white-list pass through.

lamsoft

I have mobile voip device so i cannot use white list...

homeinns

I am using RB750G(prefer RB450G for stability if you got better bugdet). However, I cannot fix the QoS(outgoing traffic is OK but not incoming).
http://www.telecom-cafe.com/foru ... &extra=page%3D1

Basically, all incoming traffic from 5060 port is directed to an extra control.
Only traffic from white-list pass through.

C-Hing 的 Asterisk 伎倆太高強啦，小弟連看也看不懂。

但小弟最近盡了最大的努力，用一些廢舊已經退役的電腦，拆除一切高耗能的附件，回復成一台最簡樸的 Bare-Bone 電腦去玩一些 Soft-Router / Firewall 和最近用一台廢舊的 P3 733MHz Intel CPU 報廢電腦，起了一台 Elastix，去學習 Asterisk 的基本功。

因爲最近玩 Soft-Router / Firewall 的過程中累積了一些寶貴的實戰經驗。
玩了 M0n0wall， PFSense， MikroTik RouterOS （ROS），Hi-Router 海蜘蛛， i-386電腦運行的 DD-WRT......等。

我建議 C-Hing 不需要花錢在 ROS RB750G /RB450G 上，因爲 第一是非常貴，第二是非常不環保，將來會製做出一台高科技的電子垃圾，最重要的就是 MikroTik ROS 的 Firewall 是非常專業，要真正是 Firewall Professional 才能夠駕馭的，（Homeinns 這些業餘的半桶水是非常難駕馭的）

按我最近玩 Soft-Router / Firewall 的累積的實戰經驗， 強烈建議 C-Hing 利用家裏一台報廢的退役電腦 （P2， P3， 或者 P4 都行），如果 C-Hing 使用 P3 和 P4 退役電腦 + 海量的 RAM 和 HDD， 去起一台Hi-Router 海蜘蛛 Soft-Router/Firewall。

Homeinns 保證功能絕對與一些商用級別的 CISCO 專業級的 Router/Firewall 有得 Fight，而且其 Firewall 部分又不像 PfSense, MikroTik ROS 那麽複雜。

對 C-Hing 用來做 Asterisk Server 上游的 Anti-DoS Attack 保護絕對能夠符合你的要求，而且不用花費一分一毫（但要耗費大量的心血和求知的熱情），又可以廢物利用，減少生産將來的電子垃圾，最重要的就是鍛煉自己的電腦基本功，將來可以在新高登開一個修理電腦的小店。服務環保，服務社群，又有一個供志同道合的朋友一個聚腳點。

Homeinns 現在 Cut-n-Paste 我國内的家，用一台 1995年代的 P2 333MHz Slot 1 CPU + 256M SDRAM + 6.4G IDE HDD 的廢舊電腦起的Hi-Router 海蜘蛛 Soft-Router/Firewall 的 Cap 圖。

http://www.telecom-cafe.com/foru ... &extra=page%3D1

已經連續在我國内的家 24 x 365 運行了 2個多月， 絕對穩定，在 Multi-Channel BT 下，達到我國内寬帶速度上限的 10M Download 和 10M Upload， CPU utilization 才只不過是 25% ~ 30% 而已。
（Plenty of surplus CPU Power, even-though it is just an P2 333MHz Slot 1 CPU, you can only found such historical computer in Intel's Museum & my China Home)


因此，強烈建議 香港的網友（只要有基本的電腦知識，懂得重灌 Window 的技巧），就可以在香港老家起一台Hi-Router 海蜘蛛 Soft-Router/Firewall。（用其内建的 PPTP VPN 和 SSL VPN （其實是 OpenVPN 才對）來做中港的破網翻墻，更是一絕）

Qnewbie

Good job, homeinns C-hing!

Unfortunately, I bought RB750 already and cannot get any PIII or PIV computer for free.

On the other side, the RB750 consumes only 4~5W and good for environment too.

角色

回復 6# homeinns

是否有英文版呢？不然看中文需要转到英文才容易明白。

bubblestar

HiRouter 本身就有英文版。

http://www.hirouter.com/

角色

回復 9# bubblestar

谢谢Bubblestar师兄的信息。