<div>Rastreando mais a fundo :</div>
<div> </div>
<div>Interesting ports on <a href="http://208.38.164.96">208.38.164.96</a>:<br>Not shown: 1670 closed ports<br>PORT STATE SERVICE<br>21/tcp open ftp<br>22/tcp open ssh<br>80/tcp open http<br>
111/tcp open rpcbind<br>443/tcp open https<br>623/tcp filtered unknown<br>664/tcp filtered unknown<br>672/tcp open unknown<br>3306/tcp open mysql<br>10000/tcp open snet-sensor-mgmt<br>Device type: general purpose<br>
Running: Linux 2.4.X<br>OS details: Linux 2.4.18 - 2.4.27</div>
<div> </div>
<div>Vlw luciano mas prefiro o OSSEC <br><br></div>
<div class="gmail_quote">2009/11/4 Luciano Antonio Borguetti Faustino <span dir="ltr"><<a href="mailto:lucianoborguetti.listas@gmail.com">lucianoborguetti.listas@gmail.com</a>></span><br>
<blockquote style="BORDER-LEFT: #ccc 1px solid; MARGIN: 0px 0px 0px 0.8ex; PADDING-LEFT: 1ex" class="gmail_quote">Eder,
<div><br></div>
<div>Interessante, </div>
<div><br></div>
<div>Trantando o problema mais profissionamente acoselho a instalação de um IDS/IPS (Snort por exemplo -<a href="http://www.snort.org/" target="_blank">http://www.snort.org/</a>), onde você consegue identificar esses tipos de ataques e criar ações, como exemplo o bloqueio do host atacante.</div>
<div><br></div>
<div>[]s,<br><br>
<div class="gmail_quote">2009/11/4 Itamar Reis Peixoto <span dir="ltr"><<a href="mailto:itamar@ispbrasil.com.br" target="_blank">itamar@ispbrasil.com.br</a>></span>
<div>
<div></div>
<div class="h5"><br>
<blockquote style="BORDER-LEFT: #ccc 1px solid; MARGIN: 0px 0px 0px 0.8ex; PADDING-LEFT: 1ex" class="gmail_quote">eu continuo com a minha opiniao de que iptables e' pra boiola<br><br>route add -host 208.38.164.96 reject<br>
<br>resolve o problema !<br><br><br><br>2009/11/4 Eder Souza <<a href="mailto:eder.souza@bsd.com.br" target="_blank">eder.souza@bsd.com.br</a>><br>
<div>
<div></div>
<div>><br>> Log do Asterisk segue ae para vc ver um ataque massivo chutando users sips, repare quantos users ele conseguiu chutar em apenas um segundo !!!<br>><br>><br>> uma amostra do log referente ao ataque !!!<br>
><br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"0"<sip:0@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"1"<sip:1@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"2"<sip:2@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"3"<sip:3@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"4"<sip:4@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"5"<sip:5@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"6"<sip:6@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"7"<sip:7@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"8"<sip:8@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"9"<sip:9@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"10"<sip:10@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"11"<sip:11@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"12"<sip:12@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"13"<sip:13@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"14"<sip:14@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"15"<sip:15@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"16"<sip:16@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"17"<sip:17@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"18"<sip:18@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"19"<sip:19@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"20"<sip:20@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"21"<sip:21@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"22"<sip:22@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"23"<sip:23@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"24"<sip:24@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"25"<sip:25@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"26"<sip:26@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"27"<sip:27@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"28"<sip:28@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"29"<sip:29@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"30"<sip:30@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"31"<sip:31@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"32"<sip:32@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"33"<sip:33@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"34"<sip:34@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"35"<sip:35@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"36"<sip:36@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"37"<sip:37@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"38"<sip:38@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"39"<sip:39@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"40"<sip:40@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"41"<sip:41@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"42"<sip:42@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"43"<sip:43@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"44"<sip:44@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"45"<sip:45@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"46"<sip:46@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"47"<sip:47@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"48"<sip:48@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"49"<sip:49@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"50"<sip:50@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"51"<sip:51@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"52"<sip:52@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"53"<sip:53@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"54"<sip:54@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"55"<sip:55@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"56"<sip:56@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"57"<sip:57@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"58"<sip:58@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:26] NOTICE[2751] chan_sip.c: Registration from '"59"<sip:59@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:27] NOTICE[2751] chan_sip.c: Registration from '"60"<sip:60@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:27] NOTICE[2751] chan_sip.c: Registration from '"61"<sip:61@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:27] NOTICE[2751] chan_sip.c: Registration from '"62"<sip:62@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:27] NOTICE[2751] chan_sip.c: Registration from '"63"<sip:63@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:27] NOTICE[2751] chan_sip.c: Registration from '"64"<sip:64@IP>' failed for '208.38.164.96' - No matching peer found<br>> [Oct 12 09:31:27] NOTICE[2751] chan_sip.c: Registration from '"65"<sip:65@IP>' failed for '208.38.164.96' - No matching peer found<br>
> [Oct 12 09:31:27] NOTICE[2751] chan_sip.c: Registration from '"66"<sip:66@IP>' failed for '208.38.164.96' - No matching peer found<br><br><br></div></div>------------<br><br>Itamar Reis Peixoto<br>
<br>e-mail/msn/google talk/sip: <a href="mailto:itamar@ispbrasil.com.br" target="_blank">itamar@ispbrasil.com.br</a><br>skype: itamarjp<br>icq: 81053601<br>+55 11 4063 5033<br>+55 34 3221 8599<br>
<div>
<div></div>
<div><br>_______________________________________________<br><a href="http://www.voipmania.com.br/" target="_blank">http://www.voipmania.com.br</a><br>Telefone IP sem fio Gigaset A580IP por 6 x R$59,90.<br>Promoção por tempo limitado!<br>
Acesse agora <a href="http://promo.voipmania.com.br/" target="_blank">http://promo.voipmania.com.br</a><br><br>_______________________________________________<br>Lista de discussões AsteriskBrasil.org<br><a href="mailto:AsteriskBrasil@listas.asteriskbrasil.org" target="_blank">AsteriskBrasil@listas.asteriskbrasil.org</a><br>
<a href="http://listas.asteriskbrasil.org/mailman/listinfo/asteriskbrasil" target="_blank">http://listas.asteriskbrasil.org/mailman/listinfo/asteriskbrasil</a><br></div></div></blockquote></div></div></div><br><br clear="all">
<div class="im"><br>-- <br>#!/bin/bash<br><br>Luciano Antonio Borguetti Faustino<br>GNU/Linux user number: 339110<br>ICQ UIN number: 82092097 - ICQ ainda na atividade :)<br><a href="http://lucianoborguetti.blogspot.com/" target="_blank">http://lucianoborguetti.blogspot.com</a><br>
<br>Preconceito é opinião sem conhecimento.<br><br>:wq<br></div></div><br><br>_______________________________________________<br><a href="http://www.voipmania.com.br/" target="_blank">http://www.voipmania.com.br</a><br>Telefone IP sem fio Gigaset A580IP por 6 x R$59,90.<br>
Promoção por tempo limitado!<br>Acesse agora <a href="http://promo.voipmania.com.br/" target="_blank">http://promo.voipmania.com.br</a><br><br>_______________________________________________<br>Lista de discussões AsteriskBrasil.org<br>
<a href="mailto:AsteriskBrasil@listas.asteriskbrasil.org">AsteriskBrasil@listas.asteriskbrasil.org</a><br><a href="http://listas.asteriskbrasil.org/mailman/listinfo/asteriskbrasil" target="_blank">http://listas.asteriskbrasil.org/mailman/listinfo/asteriskbrasil</a><br>
</blockquote></div><br>