Hello I need to connect an Asterisk server to the Net so that 1) remote users can register and 2) Internet users can ring any extension on the server. I'll use iptables to prevent hackers from trying to register. I was wondering what solution to use to block brute force attempts: - just rely on iptables since it offers a way, eg. "iptables -I INPUT -p udp --dport 5060 -m state --state NEW -m recent --update --seconds 600 --hitcount 2 -j DROP" - add Brute Force Detection (BFD), which is a shell script that is called by CRON (ie. every minute at most) www.rfxn.com/projects/brute-force-detection/ - add SSHGuard, which is apparently a stand-alone binary program that doesn't rely on CRON www.sshguard.net This is on an embedded Linux, so there isn't enough RAM to run Python-based fail2ban. If you have installed Asterisk and iptables, which solution did you end up using? Thank you. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
