
Help with security

PostPosted: Sat Sep 24, 2016 1:45 am
by iboam
Hi, I recently installed a cluster server: 1 DB/Web and 2 Telephony Servers. I need some help with the security. All the information I have found about fail2ban is 3 - 5 years old; is there an updated fail2ban guide? I tried DGG, but when the installation asks for the root password (I don't know it) it always says that the database could not be created.

I have the DB/Web without a firewall because when the internal firewall is active the telephony server does not connect. The telephony server has a firewall. What is the best way to link the servers?

[Sep 24 02:33:09] NOTICE[1697]: chan_sip.c:28480 handle_request_register: Registration from '"301" <sip:301@XXX.XXX.XXX.XXX>' failed for '213.202.233.167:5071' - Wrong password
[Sep 24 02:33:19] NOTICE[1697]: chan_sip.c:28480 handle_request_register: Registration from '"1002" <sip:1002@XXX.XXX.XXX.XXX>' failed for '213.202.233.167:5062' - Wrong password
[Sep 24 02:33:23] NOTICE[1697]: chan_sip.c:28480 handle_request_register: Registration from '"6002" <sip:6002@XXX.XXX.XXX.XXX>' failed for '213.202.233.167:5101' - Wrong password
[Sep 24 02:33:30] NOTICE[1697]: chan_sip.c:28480 handle_request_register: Registration from '"202" <sip:202@XXX.XXX.XXX.XXX>' failed for '213.202.233.167:5114' - Wrong password
[Sep 24 02:33:30] NOTICE[1697]: chan_sip.c:28480 handle_request_register: Registration from '"6668" <sip:6668@XXX.XXX.XXX.XXX>' failed for '213.202.233.167:5117' - Wrong password
[Sep 24 02:33:43] NOTICE[1697]: chan_sip.c:28480 handle_request_register: Registration from '"2001" <sip:2001@XXX.XXX.XXX.XXX>' failed for '213.202.233.167:5075' - Wrong password
[Sep 24 02:33:47] NOTICE[1697]: chan_sip.c:28480 handle_request_register: Registration from '"602" <sip:602@XXX.XXX.XXX.XXX>' failed for '213.202.233.167:5068' - Wrong password
[Sep 24 02:34:01] NOTICE[1697]: chan_sip.c:28480 handle_request_register: Registration from '"8002" <sip:8002@XXX.XXX.XXX.XXX>' failed for '213.202.233.167:5069' - Wrong password


Thanks in advance
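
The log excerpt in the post above shows a single source address failing registration against many different extensions within a minute. As an added example (not part of the original thread and not code from any poster), the Python below counts failed registrations per source in that log format and reports sources that reach a threshold inside a time window; the parameter names follow fail2ban's `maxretry` and `findtime` settings, and the function name, sample addresses and the year 2016 are assumptions made for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Failed-registration NOTICE format as it appears in the log excerpt above (IPv4 only).
FAILED_REG = re.compile(
    r"^\[(?P<ts>\w{3} +\d+ [\d:]{8})\] NOTICE\[\d+\]: chan_sip\.c:\d+ "
    r"handle_request_register: Registration from '(?P<who>.*)' failed for "
    r"'(?P<ip>\d{1,3}(?:\.\d{1,3}){3})(?::\d+)?' - .+$"
)

def offenders(lines, maxretry=5, findtime=timedelta(minutes=10), year=2016):
    """Map each source IP that reaches maxretry failures within findtime
    to the sorted list of extensions it tried."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    tried = defaultdict(set)      # ip -> extensions seen in failed attempts
    flagged = set()
    for line in lines:
        m = FAILED_REG.match(line.strip())
        if not m:
            continue              # not a failed registration, ignore
        # The log has no year, so one is supplied (assumption: 2016).
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        window = recent[m["ip"]]
        window.append(ts)
        while ts - window[0] > findtime:
            window.popleft()      # forget failures older than findtime
        ext = re.search(r"<sip:([^@>]+)@", m["who"])
        tried[m["ip"]].add(ext.group(1) if ext else m["who"])
        if len(window) >= maxretry:
            flagged.add(m["ip"])
    return {ip: sorted(tried[ip]) for ip in flagged}

def _line(ts, ext, src):
    """Build one constructed log line in the format above."""
    return (f"[Sep 24 {ts}] NOTICE[1697]: chan_sip.c:28480 handle_request_register: "
            f"Registration from '\"{ext}\" <sip:{ext}@192.0.2.10>' failed for '{src}' - Wrong password")

# Constructed sample: one fast scanner, one slow source, one unrelated line.
SAMPLE = [_line(f"02:33:{10 + i}", e, f"203.0.113.7:{5060 + i}")
          for i, e in enumerate(["301", "1002", "6002", "202", "6668"])]
SAMPLE += [_line(t, "101", "198.51.100.20:5060")
           for t in ["02:00:00", "02:20:00", "02:40:00", "03:00:00", "03:20:00"]]
SAMPLE.append("[Sep 24 02:35:00] unrelated line (constructed)")

if __name__ == "__main__":
    for ip, exts in offenders(SAMPLE).items():
        print(ip, "tried", exts)
```

With the default window the slow source, whose five failures are spread over 80 minutes, is not reported, which is the difference between a mistyped password on a phone and a scan.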

Re: Help with security

PostPosted: Sat Sep 24, 2016 3:39 pm
by covarrubiasgg
If you have remote agents I would rather keep digging with DGG than going down for a fail2ban setup.

But remember, this is only needed if you are using remote agents. If you are not using home agents, then you only need to properly set up your firewall.

Assign your LAN interface as Internal and your WAN as External, then add custom rules to allow ONLY your carriers; that is a whitelist firewall.

If you are having issues in your LAN when turning on your firewall, it is because it is not properly set.

Re: Help with security

PostPosted: Sat Sep 24, 2016 3:54 pm
by iboam
Thanks for your rapid response. Sometimes the agents are not all at one location, so is it better with fail2ban or DGG?

I just made the changes:
LAN interfaces are Internal and WAN are External.

Now all servers have the firewall on, but I can't open asterisk on the dialer servers:
asterisk -r
Unable to connect to remote asterisk (does /run/asterisk/asterisk.ctl exist?)

Re: Help with security

PostPosted: Sat Sep 24, 2016 4:26 pm
by covarrubiasgg
I prefer DGG

Re: Help with security

PostPosted: Sat Sep 24, 2016 4:27 pm
by iboam
I can't open asterisk on the dialer servers:
asterisk -r
Unable to connect to remote asterisk (does /run/asterisk/asterisk.ctl exist?)

Re: Help with security

PostPosted: Sat Sep 24, 2016 4:33 pm
by iboam
covarrubiasgg wrote: I prefer DGG

Should it be installed on all servers or just the dialer servers?
What is the mysql root password?
What is the login and password for the DGG page?

Re: Help with security

PostPosted: Thu Nov 10, 2016 12:19 pm
by many83
Manual for used or activated fail2ban?

Re: Help with security

PostPosted: Fri Nov 11, 2016 12:57 pm
by Noah
We use a hard-coded iptables rule set that keeps everyone out. Packets are dropped, and no one knows you are running asterisk or a SIP register server.
And then we implement an unlock process with PHP to add a rule to iptables to allow access.
Not one security issue in 5 years.

All the best - Noah

Re: Help with security

PostPosted: Fri Nov 11, 2016 1:59 pm
by iboam
Could you share how to use iptables and fail2ban?