I am seeing hundreds of suspicious messages in the Asterisk Log File full on a server. It is Asterisk 2.9 and is very old right now. I am working on updating our installation and am very new at this.
/var/log/asterisk/ tail -f full
Such as:
[2015-10-11 11:20:07] NOTICE[2813] chan_sip.c: Registration from ‘“9090” sip:[email protected]:5060’ failed for ‘46.166.165.117:5082’ - No matching peer found
They appear to own very large domain ranges.
Net Range 212.0.0.0 - 212.255.255.255
Net Range 46.0.0.0 - 46.255.255.255
Net Range 146.0.0.0 - 146.0.255.255
They do not appear to be getting through and hacking our trunks
We were going to block these IP Ranges in our firewall. Does anyone know any negative affects this may have?
Brief searches show other folks have had RIPE associated with hacking. Has anyone else experienced anything like this?
Thanks in advance if you can help.