vicidial.org

VICIDIAL astGUIclient discussion forum

Skip to content

Vicidial.org Home      Vicidial Forum      Vicidial Wiki      Vicidial Issue Tracker      astGUIclient Project Page


what is this i saw??

All installation and configuration problems and questions

Moderators: gerski, enjay, williamconley, Op3r, Staydog, gardo, mflorell, MJCoate, mcargile, Kumba, Michael_N

Post a reply

what is this i saw??

Postby sigbinme » Thu Sep 26, 2013 1:27 pm

what is this i saw on my CLI

please xplain

817@115.85.1.226>' failed for '199.19.111.221' - No matching peer found
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"1004" <sip:1004@115.85.1.226>' failed for '199.19.111.221' - Wrong password
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"323818"<sip:323818@115.85.1.226>' failed for '199.19.111.221' - No matching peer found
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"1004" <sip:1004@115.85.1.226>' failed for '199.19.111.221' - Wrong password
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"323819"<sip:323819@115.85.1.226>' failed for '199.19.111.221' - No matching peer found
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"1004" <sip:1004@115.85.1.226>' failed for '199.19.111.221' - Wrong password
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"323821"<sip:323821@115.85.1.226>' failed for '199.19.111.221' - No matching peer found
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"323822"<sip:323822@115.85.1.226>' failed for '199.19.111.221' - No matching peer found
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"1004" <sip:1004@115.85.1.226>' failed for '199.19.111.221' - Wrong password
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"323823"<sip:323823@115.85.1.226>' failed for '199.19.111.221' - No matching peer found
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"1004" <sip:1004@115.85.1.226>' failed for '199.19.111.221' - Wrong password
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"323824"<sip:323824@115.85.1.226>' failed for '199.19.111.221' - No matching peer found
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"1004" <sip:1004@115.85.1.226>' failed for '199.19.111.221' - Wrong password
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"323825"<sip:323825@115.85.1.226>' failed for '199.19.111.221' - No matching peer found
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"323826"<sip:323826@115.85.1.226>' failed for '199.19.111.221' - No matching peer found
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"323827"<sip:323827@115.85.1.226>' failed for '199.19.111.221' - No matching peer found
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"323828"<sip:323828@115.85.1.226>' failed for '199.19.111.221' - No matching peer found
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"323829"<sip:323829@115.85.1.226>' failed for '199.19.111.221' - No matching peer found
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"323830"<sip:323830@115.85.1.226>' failed for '199.19.111.221' - No matching peer found
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"323831"<sip:323831@115.85.1.226>' failed for '199.19.111.221' - No matching peer found
[Sep 27 02:24:40] NOTICE[1571]: chan_sip.c:16835 handle_request_register: Registration from '"1004" <sip:1004@115.85.1.226>' failed for '199.19.111.221' - Wrong password
dbserver*CLI>
Ubuntu 10.04.4 LTS - Vicidial VERSION: 2.6-32-40 - BUILD: 130414-1924 - asterisk 1.4.39.1-vici - Clean Install - Single Server - Intel® Xeon® 3400 Series Quad-core
sigbinme
 
Posts: 22
Joined: Wed Jun 12, 2013 11:50 am
Top

Re: what is this i saw??

Postby callcrazy » Thu Sep 26, 2013 2:22 pm

A script is most likely attempting to gain entry to your server to hack your system.

I run a script that checks the logs every minute for failed registrations then adds the IP to iptable reject list.

Intrusion detection is what you're looking for.
Vicibox 6.0.4 from .iso | VERSION: 2.12-538a BUILD: 160122-1401 | Asterisk 1.8.32.3-vici | 1xDB, 2xWeb, 7xPBX | Amfeltec Timers | Sangoma/Lyra AMD | Dell Hardware
callcrazy
 
Posts: 122
Joined: Fri Sep 10, 2010 11:30 am
Location: MI
Top

Re: what is this i saw??

Postby sigbinme » Thu Sep 26, 2013 2:28 pm

thank you so much callcrazy
im a newbie.
I'll try to read IPtable reject... is that the one that black the IP of the intruder
right?
Ubuntu 10.04.4 LTS - Vicidial VERSION: 2.6-32-40 - BUILD: 130414-1924 - asterisk 1.4.39.1-vici - Clean Install - Single Server - Intel® Xeon® 3400 Series Quad-core
sigbinme
 
Posts: 22
Joined: Wed Jun 12, 2013 11:50 am
Top
Post a reply

Return to Support

Who is online

Users browsing this forum: Google [Bot] and 127 guests

Powered by phpBB® Forum Software © phpBB Group