FreePBX | Register | Issues | Wiki | Portal | Support

Debug src ip ", "Received incoming SIP connection from unknown peer to 123") in new stack"

(Dr Virus ) #1

Hey Folks ,
im checking logs on my asterisk and we are seeing two kind of hacking trials .

once as :
[2019-04-11 04:47:05] VERBOSE[7213][C-0000017a] pbx.c: Executing [s@from-sip-external:6] Log(“SIP/”, "WARNING,“Rejecting unknown SIP connection from"”) in new stack

and one as :

[2019-04-11 05:06:41] VERBOSE[9474][C-000001fb] pbx.c: Executing [123@from-sip-external:1] NoOp(“SIP/”, “Received incoming SIP connection from unknown peer to 123”) in new stack

note the 1st one we can know the src ip of attacker .

but the 2nd log we have see “unknown peer” " no attacker ip "

how can i debug the src ip of attacker so that in all cases we debug and see src ip who is sending calls to the server ?





it will see traffic even before it hits asterisk

(Dr Virus ) #3

i dont understand .

why some calls come with src ip and other calls without src ip ?!!

i think this option comes from freepbx not asterisk .

do you think we can tune freepbx to display that src ip in logs ?

(system) closed #4

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.