nsinnovations/fusionpbx-install.sh
Public Access
2
0
Fork 0
forked from norman/fusionpbx-install.sh-github-mirror
Code Pull Requests Activity
1,515 Commits 4 Branches 1 Tag
bb6cfd01b7e21f2d255104c7f966103e39b4a128
Commit Graph

71 Commits

Author SHA1 Message Date
FusionPBX
bb6cfd01b7 Add the new freeswitch-acl filter to jail.local. 2021-02-03 17:45:23 -07:00
FusionPBX
7346df61a3 New fail2ban filter for Rejected by register acl 2021-02-03 17:38:10 -07:00
FusionPBX
6abe7cd360 Set findtime to 60 (one minute) to make it simple to understand. 2020-08-07 10:50:52 -06:00
FusionPBX
3c37dc1d51 Update jail.local 2020-02-19 16:41:55 -07:00
FusionPBX
51328bb5c8 Update jail.local 2019-11-27 17:04:40 -07:00
FusionPBX
6fb47856fb Update jail.local 2019-11-27 17:00:07 -07:00
FusionPBX
9badac0e9d Update auth-challenge-ip.conf 2019-05-07 23:03:15 -06:00
FusionPBX
319e5797c7 Update auth-challenge-ip.conf 2019-04-19 09:47:35 -06:00
FusionPBX
0a9359728a Update jail.local 2018-10-11 12:25:37 -06:00
danry25
009702bd12 Changed Fail2ban settings, updated Readme (#191) 
* Made fail2ban settings more consistent across OSes, disabled HTTP ratelimit permaban on Debian as auto-refresh behaviour in FusionPBX can trigger it.

* Increase nginx-404 ban back to 1 hour
 2018-10-11 12:22:35 -06:00
FusionPBX
b71b241aac Update jail.local 2018-08-11 15:22:30 -06:00
FusionPBX
0242ce3cc2 Update auth-challenge-ip.conf 2018-07-11 22:28:14 -06:00
FusionPBX
62a470dcc3 Update jail.local 2018-07-11 19:25:55 -06:00
FusionPBX
ea93d7dc5d Rename sip-auth-challenge-ip.conf to auth-challenge-ip.conf 2018-07-11 18:15:20 -06:00
FusionPBX
eb393b2ae1 Update jail.local 2018-07-11 18:14:57 -06:00
FusionPBX
7a5ff0f39c Update jail.local 2018-07-11 17:59:55 -06:00
FusionPBX
7cd0c465f2 Update jail.local 2018-07-11 17:48:14 -06:00
FusionPBX
a7a2cb0318 Update jail.local 2018-07-11 17:47:06 -06:00
FusionPBX
88a08226e2 Update jail.local 2018-07-11 17:43:07 -06:00
FusionPBX
fa1fa58127 Update jail.local 2018-07-11 17:35:22 -06:00
FusionPBX
868053c018 Update jail.local 2018-07-11 17:34:57 -06:00
FusionPBX
411af39f90 Create sip-auth-challenge-ip.conf 2018-07-11 17:17:19 -06:00
FusionPBX
6d5211ccfe Rename sip-auth_failure.conf to sip-auth-failure.conf 2018-05-02 15:04:00 -06:00
FusionPBX
1cf12bab2c Rename sip-auth_challenge.conf to sip-auth-challenge.conf 2018-05-02 15:03:42 -06:00
FusionPBX
86151d2661 Update jail.local 2018-05-02 15:02:40 -06:00
FusionPBX
a496aff23a Rename freeswitch-auth_challenge.conf to sip-auth_challenge.conf 2018-05-02 15:00:06 -06:00
FusionPBX
f9697e3df7 Rename freeswitch-auth_failure.conf to sip-auth_failure.conf 2018-05-02 14:59:48 -06:00
FusionPBX
371ca9f63f Update jail.local 2018-05-02 14:07:52 -06:00
FusionPBX
7ad7516c35 Update jail.local 2018-05-02 14:02:28 -06:00
FusionPBX
1389ff9066 Rename freeswitch-sip_auth_challenge.conf to freeswitch-auth_challenge.conf 2018-05-02 14:01:15 -06:00
FusionPBX
a231899789 Rename freeswitch-sip_auth_failure.conf to freeswitch-auth_failure.conf 2018-05-02 14:00:55 -06:00
FusionPBX
dc0ea82a05 Update jail.local 2018-05-02 13:26:22 -06:00
FusionPBX
03ff98bf8f Rename freeswitch-dos.conf to freeswitch-sip_auth_failure.conf 2018-05-02 13:19:27 -06:00
FusionPBX
c4c8e811d1 Create freeswitch-sip_auth_challenge.conf 2018-05-02 13:18:22 -06:00
FusionPBX
2d93a708e5 Update jail.local 2018-04-17 13:56:01 -06:00
FusionPBX
6e49545f15 Update jail.local 2018-01-20 20:11:13 -07:00
FusionPBX
ddd121c997 Rename freeswitch-404.conf to fusionpbx-404.conf 2018-01-20 20:06:44 -07:00
FusionPBX
1a95aeb331 Fail2ban - Fix the delimitter for the port range in jail.local. 2017-11-29 22:26:02 -07:00
FusionPBX
21512467a7 Update jail.local 2017-11-29 19:43:52 -07:00
FusionPBX
fe95015dc7 Update jail.local 2017-11-28 23:02:20 -07:00
FusionPBX
78875548ae Update jail.local 2017-11-28 22:52:03 -07:00
FusionPBX
37ecd268db Update jail.local 2017-10-09 11:33:17 -06:00
FusionPBX
609ae00d86 Rename fusionpbx-invalid-mac.conf to fusionpbx-mac.conf 2017-10-09 11:32:37 -06:00
FusionPBX
98e1afe8fe Update jail.local 2017-10-08 23:58:24 -06:00
FusionPBX
aa78b22568 Update jail.local 2017-10-08 23:49:05 -06:00
FusionPBX
f91c4d3fb6 Update jail.local 2017-10-08 23:24:23 -06:00
FusionPBX
f78137a767 Create fusionpbx-invalid-mac.conf 2017-10-08 22:43:19 -06:00
FusionPBX
b0d9c28ab4 Update jail.local 2017-10-08 22:31:50 -06:00
FusionPBX
d7273a3f5a Update jail.local 2017-10-08 22:29:31 -06:00
emaktech
a33131c8be Ban on auth failure instead of challenge (#113) 
Default fail2ban DoS ruleset looks for auth challenges, but auth challenges can be either successful or unsuccessful. Default rule causes problems with larger environments with many registered devices as they have many successful auth challenges with short registration periods.

By the time auth challenges can be made successfully in volume, it's far too late to be worrying about a DoS or brute force attempt - it's already too late. Rule change here will reduce false positives while still providing same level of useful protection.

Maybe also consider reducing maxretry count or increasing findtime in jail.local to catch true failed auth brute force or DoS attempts more easily in conjunction with above change.

This will be more sensitive in detection and should carry lower false positive rate.
 2017-09-02 09:09:07 -06:00