I noticed last night for two hours that the CPU of our FreePBX 15 server was past 50% for over 2 hours.
I searched the logs and this is what I found:
Feb 8 03:04:40 sbc in.tftpd[27181]: RRQ from 45.125.65.107 filename 00085DEF13DB.cfg
Feb 8 03:04:40 sbc in.tftpd[27181]: Client 45.125.65.107 File not found 00085DEF13DB.cfg
Feb 8 03:04:40 sbc in.tftpd[27182]: RRQ from 45.125.65.107 filename 00085DFBD9A3.cfg
Feb 8 03:04:40 sbc in.tftpd[27182]: Client 45.125.65.107 File not found 00085DFBD9A3.cfg
Feb 8 03:04:40 sbc in.tftpd[27183]: RRQ from 45.125.65.107 filename 00085DEC00D2.cfg
Feb 8 03:04:40 sbc in.tftpd[27183]: Client 45.125.65.107 File not found 00085DEC00D2.cfg
Feb 8 03:04:40 sbc in.tftpd[27184]: RRQ from 45.125.65.107 filename 00085DFC61CC.cfg
Feb 8 03:04:40 sbc in.tftpd[27184]: Client 45.125.65.107 File not found 00085DFC61CC.cfg
Feb 8 03:04:40 sbc in.tftpd[27185]: RRQ from 45.125.65.107 filename 00085DFFF954.cfg
Feb 8 03:04:40 sbc in.tftpd[27185]: Client 45.125.65.107 File not found 00085DFFF954.cfg
I have almost 400’000 lines like that!
I assume that TFTP provisioning has been explored.
How to disable TFTP completely on FreePBX 15?