I just received a strange email that I’ve never seen before and it looks like it may have been a hack attempt on our FreePBX system.
The email appears to have come from our FreePBX system inside.
[Fail2Ban] SIP: banned 10.10.10.3 on localhost
The IP 10.10.10.3 has just been banned by Fail2Ban after
8 attempts against SIP on localhost.
We don’t even use that internal IP subnet on our network.
Not sure what to look at. I’m a “basic” FreePBX administrator so any suggestions will be appreciated!