about Notice message

VitalPBX Community Support General Discussion about Notice message

  • Post
    Will
    Participant
    Up
    0
    Down
    Hello,

    When I use command “asterisk -vvvr “, I can see some messages like these:

    [2021-07-01 23:41:40] NOTICE[18003]: manager.c:3447 authenticate: 149.7.16.12 tried to authenticate with nonexistent user ‘admin’

    [2021-07-01 23:41:40] NOTICE[18003]: manager.c:3484 authenticate: 149.7.16.12 failed to authenticate as ‘admin’
    [2021-07-01 23:43:11] NOTICE[18113]: manager.c:3447 authenticate: 192.228.100.100 tried to authenticate with nonexistent user ‘Fpbx’
    [2021-07-01 23:43:11] NOTICE[18113]: manager.c:3484 authenticate: 192.228.100.100 failed to authenticate as ‘Fpbx’

     

    It comes up about every 15 minutes. Is someone trying to hack into my server? What should I do to prevent this?  I already enable the service firewalld and fail2ban.

    Thank you.

     

    0
Viewing 2 replies - 1 through 2 (of 2 total)
  • Replies
    Up
    0
    Down
    Here is a list of the best practices you can have when securing your VitalPBX.

    • Use the lines “permit =” and “deny =” in sip.conf
    • Limit registration by extensions using Bind Address.
    • Make it harder for sip scanners (Set “alwaysauthreject=yes” )
    • Change the SIP, IAX2, PJSIP, and SSH ports.
    • Limit ports to only the ones you need.
    • Activate the Firewall and try to place your PBX behind a Firewall and SBC.
    • Use Fail2ban to automatically detect malicious attempts to enter your PBX.
    1
    Will
    Participant
    Up
    0
    Down
    Thanks. The info is very useful.

    I manage to fix it by changing the “bindaddr = 0.0.0.0” to  “bindaddr = 127.0.0.1” in “/etc/asterisk/ombutel/manager__10-general.conf”.

    And then I restart it using core restart gracefully.

     

    0
Viewing 2 replies - 1 through 2 (of 2 total)
  • The forum ‘General Discussion’ is closed to new topics and replies.