Hello everyone,
I ask your help because I am victim of bruteforce attack attempts. I followed a guide on computingforgeeks.com to secure my server against bruteforce attack.
On Asterisk Logfile I can found this :
[2020-04-10 09:31:05] NOTICE[19549] manager.c: 167.71.71.30 tried to authenticate with nonexistent user ‘livechat’
[2020-04-10 09:31:05] NOTICE[19549] manager.c: 167.71.71.30 failed to authenticate as ‘livechat’
[2020-04-10 09:31:05] NOTICE[19550] manager.c: 204.48.26.95 tried to authenticate with nonexistent user ‘ripencc’
[2020-04-10 09:31:05] NOTICE[19550] manager.c: 204.48.26.95 failed to authenticate as ‘ripencc’
I have Debian 9 with fail2ban. On thie file "Module: “Asterisk Logfiles”, File: “/var/www/html/admin/modules/logfiles/etc/logger.conf altered” I added : fail2ban => notice, security
My jail:
[asterisk]
enabled = true
ignoreip = myPublicIP
filter = asterisk
action = iptables-allports[name=asterisk, protocol=all]
logpath = /var/log/asterisk/fail2ban
findtime = 7200
maxretry = 3
bantime = 864000
Could you help me to complete the secure ?
Thank