[SR-Users] Log files
Joli Martinez
mrjoli021 at gmail.com
Tue Nov 26 22:32:54 CET 2013
it is comming from "friendly-scanner" The other issue I have is that "/var/log/secure" is not getting the sip requests so the only way I realize it is happeing is from tcpdump. If the secure file is not picking it up then iptables wont know about it. How can I tell iptables to listen for sip requests? I have already added the IP to the blocked IP's but he still keeps on comming.
Thanks,
On Nov 26, 2013, at 4:28 PM, Ovidiu Sas <osas at voipembedded.com> wrote:
> Most likely it's a bogus script.
> Sometimes just sending a dummy reply, will stop the script sending SIP requests.
> Check the User-Agent header and from username to see if you can
> identify the script and google around for it.
>
> Regards,
> Ovidiu Sas
>
> On Tue, Nov 26, 2013 at 4:17 PM, Joli Martinez <mrjoli021 at gmail.com> wrote:
>> I am running Kamailio in CentOS. I ran tcpdump and noticed that we are getting attacked from IP 188.138.32.72. I have already blocked it on IPtables, but he keeps on attacking the server. If I look at "/var/log/secure" there are no SIP messages. My question is where is the log file for Kamailio and how can I prevent this type of attacks in the future.
>>
>> Thanks,
>> _______________________________________________
>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>> sr-users at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>
>
> --
> VoIP Embedded, Inc.
> http://www.voipembedded.com
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
More information about the sr-users
mailing list