[AsteriskBrasil] Intruder in Asterisk

Alexandre Ricardo Souza Silva alexandre at componentizar.com.br
Mon Nov 23 21:03:43 BRST 2009


Hi everyone!


I need everyone's help. I was checking my Asterisk log and noticed that I have about 48 entries like this (  Sip/113.105.152.56  asterisk asterisk). From what I found on the net, this is an intrusion attempt. This IP tried to call some destinations, but without success as far as I could see; none of the attempts lasted more than 16 seconds. These 48 attempts go back to month 08 (August); today, for example, I did not have this attack. They are trying every 4 days...

Which patch do I have to apply to * to keep it more secure?

***Log
[Nov 14 01:22:19] VERBOSE[21171] logger.c:     -- Executing [011441616604001@from-sip-external:1] NoOp("SIP/113.105.152.56-b2e04818", "Received incoming SIP connection from unknown peer to 011441616604001") in new stack
[Nov 14 01:22:19] VERBOSE[21171] logger.c:     -- Executing [011441616604001@from-sip-external:2] Set("SIP/113.105.152.56-b2e04818", "DID=011441616604001") in new stack
[Nov 14 01:22:19] VERBOSE[21171] logger.c:     -- Executing [011441616604001@from-sip-external:3] Goto("SIP/113.105.152.56-b2e04818", "s|1") in new stack
[Nov 14 01:22:19] VERBOSE[21171] logger.c:     -- Executing [s@from-sip-external:1] GotoIf("SIP/113.105.152.56-b2e04818", "0?from-trunk|011441616604001|1") in new stack
[Nov 14 01:22:19] VERBOSE[21171] logger.c:     -- Executing [s@from-sip-external:2] Set("SIP/113.105.152.56-b2e04818", "TIMEOUT(absolute)=15") in new stack
[Nov 14 01:22:19] VERBOSE[21171] logger.c:     -- Executing [s@from-sip-external:3] Answer("SIP/113.105.152.56-b2e04818", "") in new stack
[Nov 14 01:22:19] VERBOSE[21171] logger.c:     -- Executing [s@from-sip-external:4] Wait("SIP/113.105.152.56-b2e04818", "2") in new stack
[Nov 14 01:22:21] VERBOSE[21170] logger.c:     -- Executing [s@from-sip-external:5] Playback("SIP/113.105.152.56-b2e08a38", "ss-noservice") in new stack
[Nov 14 01:22:21] VERBOSE[21171] logger.c:     -- Executing [s@from-sip-external:5] Playback("SIP/113.105.152.56-b2e04818", "ss-noservice") in new stack
[Nov 14 01:22:21] VERBOSE[21170] logger.c:     -- <SIP/113.105.152.56-b2e08a38> Playing 'ss-noservice' (language 'en')
[Nov 14 01:22:21] VERBOSE[21171] logger.c:     -- <SIP/113.105.152.56-b2e04818> Playing 'ss-noservice' (language 'en')
[Nov 14 01:22:28] VERBOSE[21170] logger.c:     -- Executing [s@from-sip-external:6] PlayTones("SIP/113.105.152.56-b2e08a38", "congestion") in new stack
[Nov 14 01:22:28] VERBOSE[21170] logger.c:     -- Executing [s@from-sip-external:7] Congestion("SIP/113.105.152.56-b2e08a38", "5") in new stack
[Nov 14 01:22:28] VERBOSE[21171] logger.c:     -- Executing [s@from-sip-external:6] PlayTones("SIP/113.105.152.56-b2e04818", "congestion") in new stack
[Nov 14 01:22:28] VERBOSE[21171] logger.c:     -- Executing [s@from-sip-external:7] Congestion("SIP/113.105.152.56-b2e04818", "5") in new stack
[Nov 14 01:22:34] VERBOSE[21170] logger.c:   == Spawn extension (from-sip-external, s, 7) exited non-zero on 'SIP/113.105.152.56-b2e08a38'
[Nov 14 01:22:34] VERBOSE[21170] logger.c:     -- Executing [T@from-sip-external:1] NoOp("SIP/113.105.152.56-b2e08a38", "Received incoming SIP connection from unknown peer to T") in new stack
[Nov 14 01:22:34] VERBOSE[21170] logger.c:     -- Executing [T@from-sip-external:2] Set("SIP/113.105.152.56-b2e08a38", "DID=s") in new stack
[Nov 14 01:22:34] VERBOSE[21170] logger.c:     -- Executing [T@from-sip-external:3] Goto("SIP/113.105.152.56-b2e08a38", "s|1") in new stack
[Nov 14 01:22:34] VERBOSE[21170] logger.c:     -- Executing [s@from-sip-external:1] GotoIf("SIP/113.105.152.56-b2e08a38", "0?from-trunk|s|1") in new stack
[Nov 14 01:22:34] VERBOSE[21170] logger.c:     -- Executing [s@from-sip-external:2] Set("SIP/113.105.152.56-b2e08a38", "TIMEOUT(absolute)=15") in new stack
[Nov 14 01:22:34] VERBOSE[21170] logger.c:     -- Executing [s@from-sip-external:3] Answer("SIP/113.105.152.56-b2e08a38", "") in new stack
[Nov 14 01:22:34] VERBOSE[21170] logger.c:     -- Executing [s@from-sip-external:4] Wait("SIP/113.105.152.56-b2e08a38", "2") in new stack
[Nov 14 01:22:34] VERBOSE[21171] logger.c:   == Spawn extension (from-sip-external, s, 7) exited non-zero on 'SIP/113.105.152.56-b2e04818'
[Nov 14 01:22:34] VERBOSE[21171] logger.c:     -- Executing [T@from-sip-external:1] NoOp("SIP/113.105.152.56-b2e04818", "Received incoming SIP connection from unknown peer to T") in new stack
[Nov 14 01:22:34] VERBOSE[21171] logger.c:     -- Executing [T@from-sip-external:2] Set("SIP/113.105.152.56-b2e04818", "DID=s") in new stack

[Nov 20 15:23:17] VERBOSE[6506] logger.c:     -- Executing [s@from-sip-external:1] GotoIf("SIP/113.105.152.56-b3702a48", "0?from-trunk|s|1") in new stack
[Nov 20 15:23:17] VERBOSE[6506] logger.c:     -- Executing [s@from-sip-external:2] Set("SIP/113.105.152.56-b3702a48", "TIMEOUT(absolute)=15") in new stack
[Nov 20 15:23:17] VERBOSE[6506] logger.c:     -- Executing [s@from-sip-external:3] Answer("SIP/113.105.152.56-b3702a48", "") in new stack
[Nov 20 15:23:17] VERBOSE[6506] logger.c:   == Spawn extension (from-sip-external, s, 3) exited non-zero on 'SIP/113.105.152.56-b3702a48'
[Nov 20 17:05:38] VERBOSE[25061] logger.c:     -- Executing [00#441616604001@from-sip-external:1] NoOp("SIP/113.105.152.56-b37009f8", "Received incoming SIP connection from unknown peer to 00#441616604001") in new stack
[Nov 20 17:05:38] VERBOSE[25061] logger.c:     -- Executing [00#441616604001@from-sip-external:2] Set("SIP/113.105.152.56-b37009f8", "DID=00#441616604001") in new stack
[Nov 20 17:05:38] VERBOSE[25061] logger.c:     -- Executing [00#441616604001@from-sip-external:3] Goto("SIP/113.105.152.56-b37009f8", "s|1") in new stack
[Nov 20 17:05:38] VERBOSE[25061] logger.c:     -- Executing [s@from-sip-external:1] GotoIf("SIP/113.105.152.56-b37009f8", "0?from-trunk|00#441616604001|1") in new stack
[Nov 20 17:05:38] VERBOSE[25061] logger.c:     -- Executing [s@from-sip-external:2] Set("SIP/113.105.152.56-b37009f8", "TIMEOUT(absolute)=15") in new stack
[Nov 20 17:05:38] VERBOSE[25061] logger.c:     -- Executing [s@from-sip-external:3] Answer("SIP/113.105.152.56-b37009f8", "") in new stack
[Nov 20 17:05:38] VERBOSE[25061] logger.c:     -- Executing [s@from-sip-external:4] Wait("SIP/113.105.152.56-b37009f8", "2") in new stack
[Nov 20 17:05:40] VERBOSE[25061] logger.c:     -- Executing [s@from-sip-external:5] Playback("SIP/113.105.152.56-b37009f8", "ss-noservice") in new stack
[Nov 20 17:05:40] VERBOSE[25061] logger.c:     -- <SIP/113.105.152.56-b37009f8> Playing 'ss-noservice' (language 'en')
[Nov 20 17:05:47] VERBOSE[25061] logger.c:     -- Executing [s@from-sip-external:6] PlayTones("SIP/113.105.152.56-b37009f8", "congestion") in new stack
[Nov 20 17:05:47] VERBOSE[25061] logger.c:     -- Executing [s@from-sip-external:7] Congestion("SIP/113.105.152.56-b37009f8", "5") in new stack
[Nov 20 17:05:52] VERBOSE[25061] logger.c:   == Spawn extension (from-sip-external, s, 7) exited non-zero on 'SIP/113.105.152.56-b37009f8'
[Nov 20 17:05:52] VERBOSE[25061] logger.c:     -- Executing [h@from-sip-external:1] NoOp("SIP/113.105.152.56-b37009f8", "Hangup") in new stack
[Nov 20 17:05:52] VERBOSE[25061] logger.c:     -- Executing [h@from-sip-external:2] Set("SIP/113.105.152.56-b37009f8", "DID=s") in new stack
[Nov 20 17:05:52] VERBOSE[25061] logger.c:     -- Executing [h@from-sip-external:3] Goto("SIP/113.105.152.56-b37009f8", "s|1") in new stack
[Nov 20 17:05:52] VERBOSE[25061] logger.c:     -- Executing [s@from-sip-external:1] GotoIf("SIP/113.105.152.56-b37009f8", "0?from-trunk|s|1") in new stack
[Nov 20 17:05:52] VERBOSE[25061] logger.c:     -- Executing [s@from-sip-external:2] Set("SIP/113.105.152.56-b37009f8", "TIMEOUT(absolute)=15") in new stack
[Nov 20 17:05:52] VERBOSE[25061] logger.c:     -- Executing [s@from-sip-external:3] Answer("SIP/113.105.152.56-b37009f8", "") in new stack
[Nov 20 17:05:52] VERBOSE[25061] logger.c:   == Spawn extension (from-sip-external, s, 3) exited non-zero on 'SIP/113.105.152.56-b37009f8'

**

Looking forward to your replies.

Regards,


Alexandre
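
Added example, not part of the original post: one way to summarize a verbose log like the one above per source IP, counting call attempts that reached the `from-sip-external` context, the days they occurred, and the numbers dialed. The function names and the last sample line are constructed for illustration; the other sample lines are copied from the log in the post.

```python
import re
from collections import defaultdict

# One dialplan step: [exten@context:prio] App("SIP/<ip>-<channel id>", "<arg>").
# Mailman archives rewrite '@' as ' at ' or ' em ', so those forms are accepted too.
EXEC = re.compile(
    r'\[(?P<day>[A-Z][a-z]{2} +\d{1,2}) [\d:]{8}\] VERBOSE\[\d+\] logger\.c:\s+-- '
    r'Executing \[(?P<exten>[^\s\]@]+)(?:@| em | at )(?P<ctx>[\w-]+):\d+\] '
    r'(?P<app>\w+)\("SIP/(?P<ip>\d{1,3}(?:\.\d{1,3}){3})-(?P<chan>[0-9a-f]+)", '
    r'"(?P<arg>[^"]*)"\)')
UNKNOWN = "Received incoming SIP connection from unknown peer to "
SPECIAL = {"s", "T", "t", "h", "i"}  # dialplan-internal extensions, not dialed digits

def summarize(lines, context="from-sip-external"):
    """Per source IP: call attempts (distinct channels), days seen, numbers dialed."""
    chans, days, dialed = defaultdict(set), defaultdict(set), defaultdict(set)
    for line in lines:
        m = EXEC.search(line)
        if not m or m["ctx"] != context:
            continue
        ip = m["ip"]
        chans[ip].add(m["chan"])  # the hex suffix differs for every inbound call
        days[ip].add(m["day"])
        # The timeout extension T logs the same NoOp text; it is not a dialed number.
        if (m["app"] == "NoOp" and m["arg"].startswith(UNKNOWN)
                and m["exten"] not in SPECIAL):
            dialed[ip].add(m["exten"])
    return {ip: {"attempts": len(chans[ip]), "days": sorted(days[ip]),
                 "dialed": sorted(dialed[ip])} for ip in chans}

SAMPLE = [
    '[Nov 14 01:22:19] VERBOSE[21171] logger.c:     -- Executing [011441616604001@from-sip-external:1] NoOp("SIP/113.105.152.56-b2e04818", "Received incoming SIP connection from unknown peer to 011441616604001") in new stack',
    '[Nov 14 01:22:34] VERBOSE[21170] logger.c:     -- Executing [T@from-sip-external:1] NoOp("SIP/113.105.152.56-b2e08a38", "Received incoming SIP connection from unknown peer to T") in new stack',
    '[Nov 20 15:23:17] VERBOSE[6506] logger.c:     -- Executing [s@from-sip-external:1] GotoIf("SIP/113.105.152.56-b3702a48", "0?from-trunk|s|1") in new stack',
    '[Nov 20 17:05:38] VERBOSE[25061] logger.c:     -- Executing [00#441616604001@from-sip-external:1] NoOp("SIP/113.105.152.56-b37009f8", "Received incoming SIP connection from unknown peer to 00#441616604001") in new stack',
    '[Nov 20 17:05:52] VERBOSE[25061] logger.c:     -- Executing [h@from-sip-external:1] NoOp("SIP/113.105.152.56-b37009f8", "Hangup") in new stack',
    # Constructed line: a call in another context, which the summary must ignore.
    '[Nov 21 09:00:00] VERBOSE[100] logger.c:     -- Executing [200@from-internal:1] NoOp("SIP/192.0.2.10-0a1b2c3d", "constructed line, other context") in new stack',
]

if __name__ == "__main__":
    for ip, info in summarize(SAMPLE).items():
        print(ip, info)
```

Run over the full log file, the same summary gives the attempt count and cadence per address, which is the input needed for a firewall or rate-limit decision.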