I am seeing hundreds of suspicious messages in the Asterisk Log File full on a server. It is Asterisk 2.9 and is very old right now. I am working on updating our installation and am very new at this.
/var/log/asterisk/ tail -f full
[2015-10-11 11:20:07] NOTICE chan_sip.c: Registration from ‘“9090” sip:[email protected]:5060’ failed for ‘126.96.36.199:5082’ - No matching peer found
They appear to own very large domain ranges.
Net Range 188.8.131.52 - 184.108.40.206
Net Range 220.127.116.11 - 18.104.22.168
Net Range 22.214.171.124 - 126.96.36.199
They do not appear to be getting through and hacking our trunks
We were going to block these IP Ranges in our firewall. Does anyone know any negative affects this may have?
Brief searches show other folks have had RIPE associated with hacking. Has anyone else experienced anything like this?
Thanks in advance if you can help.