When publishing a PBX on a public IP address, the task arises to protect the speaker from scanners, pests who are trying to pick up passwords to SIP PBX accounts. If a simple numeric password is set, it will be picked up very quickly, which will cause losses.
For basic protection against scanners, fail2ban must be enabled. Additionally, you can fine-tune the iptables rules.
Go to the "System file customization" section
"System file customization" section
Go to edit the /etc/firewall_additional file
File "/etc/firewall_additional"
Set the "Add to end of file" mode, insert the following code:
The code for the file "/etc/firewall_additional"
The added rule allows blocking all incoming requests over the UDP protocol that contain the substring "friendly-scanner"
A more complete example of a set of rules:
This will protect you from most scanners that I mention User-Agent when requesting.
