bubblestar

之前你用IP-01，它的Default也是 alwaysauthreject=yes 的，為什麼會跟現在有分別呢?  可能Hacker是不同人，所以有不同的耐性。

bubblestar

Below is an email conversation between a blogger and Chris Lyman, the former CEO of Fonality, the makers of trixbox IP-PBX systems.

Cracking IP-PBX SIP Passwords - Be Afraid!

You can get some more ideas and this is good for thought.


10 Rules You Should Follow

bubblestar

Me too.  Once I was attacked by one of the IP in the range, I would block the whole IP range thru my Router settings.
My router can block a total of 256 IP ranges.  Now I've just used 9 IP ranges.  Still have much room to adopt this policy.  Above all, I am 100% sure I don't need to communicate anyone of these IP addresses.

bubblestar

I think it is also better to enable DoS defend feature to avoid flooding attack.

bubblestar

The Hackers' IP ranges that I experienced or through the members here are as below:

1. China Unicom Shandong                 119.176.0.0 - 119.191.255.255
   
2. China Chinanet Anhui                  60.166.0.0 - 60.175.255.255
   
3. China Tianjin Anteinfo                202.99.121.0 - 202.99.121.255
   
4. Netherlands NL Leaseweb               95.211.0.0 - 95.211.255.255
   
5. UNKNOWN THEPLANET                     174.132.0.0 - 174.133.255.255
   
6. Korea HANANET                         222.232.0.0 - 222.239.255.255
   
7. China CHINANET-Jiangsu                202.102.0.0 - 202.102.127.255
   
8. UK iDealhosting                       95.154.248.0 - 95.154.251.255
   
9. Middle-East Palestine                 188.161.128.0 - 188.161.255.255

複製代碼

In view of above record, more than 44% of hackers' IP come from China.  HOW BAD they are.  

I block all these IP ranges without ANY hesitation.  If anyone of you have some friends or relatives come from these Service Providers, you may adjust and fine tune by yourselves.  Otherwises, your contact with them may become disconnected.

bubblestar

Some active Asterisk Brute-force Hackers can be found in here

http://www.ipillion.com/ip/64.156.192.26

bubblestar

回復 23# ckleea


   
On the right hand side, you can see some familiar hackers name who might have visited you before.

bubblestar

哈哈! 銅牆鐵壁。

除非呢D Hackers 轉換Service Provider 再攞另一組ISP的IP ranges，否則真係不得其門而入了。
當然，他們還可以騎劫另一些第三者的IP再入侵，但一般按取易不取難的常理，真的沒有價值地為我們一般人做咁多野，才可以打個電話。 除非我地有一些非常吸引的地方，可以令到他們有非入不可的原因啦!

Good measures.

bubblestar

煩一次可以一勞永逸，值得的。

bubblestar

2 more new hackers' visit.  One from Russia and one from Switzerland.  I think they just scan randomly and tried only once and waived.

62.152.60.70:5191 from Russia

82.220.3.13:5145 from Switzerland

Interestingly and unanimously, these 2 hackers themselves are not using the default UDP port 5060.