Alguém tem o passo a passo de instalação do Fail2ban?<br><br><div class="gmail_quote">Em 20 de abril de 2012 10:36, Gustavo Fernandes <span dir="ltr"><<a href="mailto:gustavocearasc@hotmail.com">gustavocearasc@hotmail.com</a>></span> escreveu:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><div dir="ltr">
Srs,<br><br>Instalei o Fail2ban para bloquear ataques no asterisk. Problema que o mesmo não esta bloqueando os ataques. Segue abaixo meus arquivos de configuração:<br><br>jail.conf<br><br>[asterisk-iptables]<br><br>enabled = true<br>
filter = asterisk<br>action = iptables-allports[name=ASTERISK, protocol=all]<br> sendmail-whois[name=ASTERISK, dest=root, sender=<a href="mailto:gustavo.fernandes@tbmtextil.com.br" target="_blank">gustavo.fernandes@tbmtextil.com.br</a>]<br>
logpath = /var/log/asterisk/full<br>maxretry = 5<br>bantime = 259200<br><br><br>/etc/fail2ban/filter.d/asterisk.conf<br><br>[Definition]<br><br>#_daemon = asterisk<br><br># Option: failregex<br># Notes.: regex to match the password failures messages in the logfile. The<br>
# host must be matched by a group named "host". The tag "<HOST>" can<br># be used for standard IP/hostname matching and is only an alias for<br># (?:::f{4,6}:)?(?P<host>\S+)<br>
# Values: TEXT<br>#<br><br>failregex = NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Wrong password<br> NOTICE.* .*: Registration from '.*' failed for '<HOST>' - No matching peer found<br>
NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Username/auth name mismatch<br> NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Device does not match ACL<br>
NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Peer is not supposed to register<br> NOTICE.* <HOST> failed to authenticate as '.*'$<br> NOTICE.* .*: No registration for peer '.*' \(from <HOST>\)<br>
NOTICE.* .*: Host <HOST> failed MD5 authentication for '.*' (.*)<br> NOTICE.* .*: Failed to authenticate user .*@<HOST>.*<br> NOTICE.* .*: Registration from '\".*\".*' failed for '<HOST>' - No matching peer found<br>
NOTICE.* .*: Registration from '\".*\".*' failed for '<HOST>' - Wrong password<br># Option: ignoreregex<br># Notes.: regex to ignore. If this regex matches, the line is ignored.<br>
# Values: TEXT<br>#<br>ignoreregex =<br><br>ALGUMA DICA?<br><br><br><br> </div></div>
<br>_______________________________________________<br>
KHOMP Inovação: External Board Series<br>
Módulos de 1/2 rack e 1U para todas as interfaces e soluções Asterisk e FreeSWITCH.<br>
Tenha a External Series Experience na sua aplicação. Visite <a href="http://www.khomp.com" target="_blank">www.khomp.com</a><br>
_______________________________________________<br>
DIGIVOICE Fabricante de Placas de Voz e Channel Bank<br>
20 anos de experiência com E1(R2/ISDN), FXS, FXO e GSM<br>
Contato <a href="tel:%2811%29%203016-5200" value="+551130165200">(11) 3016-5200</a> – Site <a href="http://www.digivoice.com.br" target="_blank">www.digivoice.com.br</a><br>
________<br>
YEALINK: Telefones IP e VídeoPhones IP com o melhor custo/benefício do mercado.<br>
email: <a href="mailto:yealink@commlogik.com.br">yealink@commlogik.com.br</a> | <a href="http://www.commlogik.com.br" target="_blank">www.commlogik.com.br</a> | <a href="tel:%2811%29%205503-1011" value="+551155031011">(11) 5503-1011</a><br>
______________________________________________<br>
Para remover seu email desta lista, basta enviar um email em branco para <a href="mailto:asteriskbrasil-unsubscribe@listas.asteriskbrasil.org">asteriskbrasil-unsubscribe@listas.asteriskbrasil.org</a><br></blockquote></div>
<br><br clear="all"><div><br></div>-- <br>ALCLICIO VIEIRA,<br>ITIL® V3 Certification,<br>Crea-DF 10476 Telecom<br><br><div><span style="color:rgb(0,64,128);font-family:Arial,sans-serif;line-height:16px;background-color:rgb(255,255,255)">Phone:55 </span><a value="+551140633631" style="color:rgb(0,0,204);font-family:Arial,sans-serif;line-height:16px;background-color:rgb(255,255,255)">(11) 3509-2505</a><span style="color:rgb(0,64,128);font-family:Arial,sans-serif;line-height:16px;background-color:rgb(255,255,255)"> - São Paulo</span><br style="color:rgb(0,64,128);font-family:Arial,sans-serif;line-height:16px;background-color:rgb(255,255,255)">
<span style="color:rgb(0,64,128);font-family:Arial,sans-serif;line-height:16px;background-color:rgb(255,255,255)">Phone</span><span style="color:rgb(0,64,128);font-family:Arial,sans-serif;line-height:16px;background-color:rgb(255,255,255)">:55 </span><a value="+556140638362" style="color:rgb(0,0,204);font-family:Arial,sans-serif;line-height:16px;background-color:rgb(255,255,255)">(61) 4063-7110</a><span style="color:rgb(0,64,128);font-family:Arial,sans-serif;line-height:16px;background-color:rgb(255,255,255)"> - Brasília</span><br style="color:rgb(0,64,128);font-family:Arial,sans-serif;line-height:16px;background-color:rgb(255,255,255)">
<div><span style="background-color:rgb(255,255,255);color:rgb(0,64,128);font-family:Arial,sans-serif;line-height:16px">Phone</span><span style="background-color:rgb(255,255,255);color:rgb(0,64,128);font-family:Arial,sans-serif;line-height:16px">:55 </span><a value="+558540628362" style="background-color:rgb(255,255,255);color:rgb(0,0,204);font-family:Arial,sans-serif;line-height:16px">(62) 3416-7800 </a><span style="background-color:rgb(255,255,255);color:rgb(0,64,128);font-family:Arial,sans-serif;line-height:16px">- Goiás</span> <br>
<div><div><br><br></div></div></div></div><br>