How to stop anonymous accessing PBX from outside

Hello,

I am new to FreePBX Destro. I setup a server and can call internally. My server does not have incoming or outgoing trunks. Purely for Internal communication. From the screen console, I noticed a most of this status appearing. I felt that someone has access this server some outside. Can anyone help, how to get rid of this connection?

[2015-10-17 12:51:32] NOTICE[21768] res_pjsip/pjsip_distributor.c: Request from ‘“801” sip:[email protected]’ failed for ‘217.172.189.154:5092’ (callid: 421b016153d9d3c47b063466419f8a91) - No matching endpoint found
[2015-10-17 12:51:32] SECURITY[2292] res_security_log.c: SecurityEvent=“InvalidAccountID”,EventTV=“2015-10-17T12:51:32.112+0800”,Severity=“Error”,Service=“PJSIP”,EventVersion=“1”,AccountID=“801”,SessionID=“421b016153d9d3c47b063466419f8a91”,LocalAddress=“IPV4/UDP/10.100.0.211/5060”,RemoteAddress=“IPV4/UDP/217.172.189.154/5092”
[2015-10-17 12:51:32] SECURITY[2292] res_security_log.c: SecurityEvent=“ChallengeResponseFailed”,EventTV=“2015-10-17T12:51:32.112+0800”,Severity=“Error”,Service=“PJSIP”,EventVersion=“1”,AccountID="",SessionID=“421b016153d9d3c47b063466419f8a91”,LocalAddress=“IPV4/UDP/10.100.0.211/5060”,RemoteAddress=“IPV4/UDP/217.172.189.154/5092”,Challenge=“1445057491/44535e42d1e572795c29b2cbdc7a2827”,Response=“d8138a85654f221922b47f5932ae42b1”,ExpectedResponse=""
[2015-10-17 12:51:32] NOTICE[21768] res_pjsip/pjsip_distributor.c: Request from ‘“801” sip:[email protected]’ failed for ‘217.172.189.154:5092’ (callid: 421b016153d9d3c47b063466419f8a91) - No matching endpoint found
[2015-10-17 12:51:32] SECURITY[2292] res_security_log.c: SecurityEvent=“InvalidAccountID”,EventTV=“2015-10-17T12:51:32.558+0800”,Severity=“Error”,Service=“PJSIP”,EventVersion=“1”,AccountID=“801”,SessionID=“421b016153d9d3c47b063466419f8a91”,LocalAddress=“IPV4/UDP/10.100.0.211/5060”,RemoteAddress=“IPV4/UDP/217.172.189.154/5092”
[2015-10-17 12:51:32] SECURITY[2292] res_security_log.c: SecurityEvent=“ChallengeResponseFailed”,EventTV=“2015-10-17T12:51:32.558+0800”,Severity=“Error”,Service=“PJSIP”,EventVersion=“1”,AccountID="",SessionID=“421b016153d9d3c47b063466419f8a91”,LocalAddress=“IPV4/UDP/10.100.0.211/5060”,RemoteAddress=“IPV4/UDP/217.172.189.154/5092”,Challenge=“1445057492/c902f50e74c30cbb4eb742cfe86ae128”,Response=“fad7902e18faa3b6b69f2161164dee49”,ExpectedResponse=""
[2015-10-17 12:51:33] SECURITY[2292] res_security_log.c: SecurityEvent=“SuccessfulAuth”,EventTV=“2015-10-17T12:51:33.984+0800”,Severity=“Informational”,Service=“AMI”,EventVersion=“1”,AccountID=“admin”,SessionID=“0x7f00d80010a8”,LocalAddress=“IPV4/TCP/0.0.0.0/5038”,RemoteAddress=“IPV4/TCP/127.0.0.1/54937”,UsingPassword=“0”,SessionTV=“2015-10-17T12:51:33.984+0800”
[2015-10-17 12:52:05] SECURITY[2292] res_security_log.c: SecurityEvent=“SuccessfulAuth”,EventTV=“2015-10-17T12:52:05.412+0800”,Severity=“Informational”,Service=“AMI”,EventVersion=“1”,AccountID=“admin”,SessionID=“0x7f00d80010a8”,LocalAddress=“IPV4/TCP/0.0.0.0/5038”,RemoteAddress=“IPV4/TCP/127.0.0.1/54939”,UsingPassword=“0”,SessionTV=“2015-10-17T12:52:05.412+0800”

Regards,
Steven

This may seem a silly question, but if you’ve set up a server to be used solely for internal communication, why is it even exposed to the public internet? This sounds like a job for a firewall!

Maybe try to change asterisk default to something random ie. 55100
Just a thought.