dbxe
/
fusionpbx-install.sh
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,413 Commits 1 Branch 1 Tag 15 MiB
Commit Graph

68 Commits

Author SHA1 Message Date
FusionPBX 3c37dc1d51
Update jail.local 2020-02-19 16:41:55 -07:00
FusionPBX 51328bb5c8
Update jail.local 2019-11-27 17:04:40 -07:00
FusionPBX 6fb47856fb
Update jail.local 2019-11-27 17:00:07 -07:00
FusionPBX 9badac0e9d
Update auth-challenge-ip.conf 2019-05-07 23:03:15 -06:00
FusionPBX 319e5797c7
Update auth-challenge-ip.conf 2019-04-19 09:47:35 -06:00
FusionPBX 0a9359728a
Update jail.local 2018-10-11 12:25:37 -06:00
danry25 009702bd12 Changed Fail2ban settings, updated Readme (#191) 
* Made fail2ban settings more consistent across OSes, disabled HTTP ratelimit permaban on Debian as auto-refresh behaviour in FusionPBX can trigger it.

* Increase nginx-404 ban back to 1 hour
 2018-10-11 12:22:35 -06:00
FusionPBX b71b241aac
Update jail.local 2018-08-11 15:22:30 -06:00
FusionPBX 0242ce3cc2
Update auth-challenge-ip.conf 2018-07-11 22:28:14 -06:00
FusionPBX 62a470dcc3
Update jail.local 2018-07-11 19:25:55 -06:00
FusionPBX ea93d7dc5d
Rename sip-auth-challenge-ip.conf to auth-challenge-ip.conf 2018-07-11 18:15:20 -06:00
FusionPBX eb393b2ae1
Update jail.local 2018-07-11 18:14:57 -06:00
FusionPBX 7a5ff0f39c
Update jail.local 2018-07-11 17:59:55 -06:00
FusionPBX 7cd0c465f2
Update jail.local 2018-07-11 17:48:14 -06:00
FusionPBX a7a2cb0318
Update jail.local 2018-07-11 17:47:06 -06:00
FusionPBX 88a08226e2
Update jail.local 2018-07-11 17:43:07 -06:00
FusionPBX fa1fa58127
Update jail.local 2018-07-11 17:35:22 -06:00
FusionPBX 868053c018
Update jail.local 2018-07-11 17:34:57 -06:00
FusionPBX 411af39f90
Create sip-auth-challenge-ip.conf 2018-07-11 17:17:19 -06:00
FusionPBX 6d5211ccfe
Rename sip-auth_failure.conf to sip-auth-failure.conf 2018-05-02 15:04:00 -06:00
FusionPBX 1cf12bab2c
Rename sip-auth_challenge.conf to sip-auth-challenge.conf 2018-05-02 15:03:42 -06:00
FusionPBX 86151d2661
Update jail.local 2018-05-02 15:02:40 -06:00
FusionPBX a496aff23a
Rename freeswitch-auth_challenge.conf to sip-auth_challenge.conf 2018-05-02 15:00:06 -06:00
FusionPBX f9697e3df7
Rename freeswitch-auth_failure.conf to sip-auth_failure.conf 2018-05-02 14:59:48 -06:00
FusionPBX 371ca9f63f
Update jail.local 2018-05-02 14:07:52 -06:00
FusionPBX 7ad7516c35
Update jail.local 2018-05-02 14:02:28 -06:00
FusionPBX 1389ff9066
Rename freeswitch-sip_auth_challenge.conf to freeswitch-auth_challenge.conf 2018-05-02 14:01:15 -06:00
FusionPBX a231899789
Rename freeswitch-sip_auth_failure.conf to freeswitch-auth_failure.conf 2018-05-02 14:00:55 -06:00
FusionPBX dc0ea82a05
Update jail.local 2018-05-02 13:26:22 -06:00
FusionPBX 03ff98bf8f
Rename freeswitch-dos.conf to freeswitch-sip_auth_failure.conf 2018-05-02 13:19:27 -06:00
FusionPBX c4c8e811d1
Create freeswitch-sip_auth_challenge.conf 2018-05-02 13:18:22 -06:00
FusionPBX 2d93a708e5
Update jail.local 2018-04-17 13:56:01 -06:00
FusionPBX 6e49545f15
Update jail.local 2018-01-20 20:11:13 -07:00
FusionPBX ddd121c997
Rename freeswitch-404.conf to fusionpbx-404.conf 2018-01-20 20:06:44 -07:00
FusionPBX 1a95aeb331
Fail2ban - Fix the delimitter for the port range in jail.local. 2017-11-29 22:26:02 -07:00
FusionPBX 21512467a7
Update jail.local 2017-11-29 19:43:52 -07:00
FusionPBX fe95015dc7
Update jail.local 2017-11-28 23:02:20 -07:00
FusionPBX 78875548ae
Update jail.local 2017-11-28 22:52:03 -07:00
FusionPBX 37ecd268db Update jail.local 2017-10-09 11:33:17 -06:00
FusionPBX 609ae00d86 Rename fusionpbx-invalid-mac.conf to fusionpbx-mac.conf 2017-10-09 11:32:37 -06:00
FusionPBX 98e1afe8fe Update jail.local 2017-10-08 23:58:24 -06:00
FusionPBX aa78b22568 Update jail.local 2017-10-08 23:49:05 -06:00
FusionPBX f91c4d3fb6 Update jail.local 2017-10-08 23:24:23 -06:00
FusionPBX f78137a767 Create fusionpbx-invalid-mac.conf 2017-10-08 22:43:19 -06:00
FusionPBX b0d9c28ab4 Update jail.local 2017-10-08 22:31:50 -06:00
FusionPBX d7273a3f5a Update jail.local 2017-10-08 22:29:31 -06:00
emaktech a33131c8be Ban on auth failure instead of challenge (#113) 
Default fail2ban DoS ruleset looks for auth challenges, but auth challenges can be either successful or unsuccessful. Default rule causes problems with larger environments with many registered devices as they have many successful auth challenges with short registration periods.

By the time auth challenges can be made successfully in volume, it's far too late to be worrying about a DoS or brute force attempt - it's already too late. Rule change here will reduce false positives while still providing same level of useful protection.

Maybe also consider reducing maxretry count or increasing findtime in jail.local to catch true failed auth brute force or DoS attempts more easily in conjunction with above change.

This will be more sensitive in detection and should carry lower false positive rate.
 2017-09-02 09:09:07 -06:00
FusionPBX db6815d315 Update jail.local 2017-06-06 23:15:08 -06:00
root 16451807dd update the file permissions 2017-03-05 06:11:42 +00:00
FusionPBX e9a1ed3038 jail.local disable the ip ban by default 
I think this is stopping beginners. Easy to enable.
 2017-01-15 00:54:59 -07:00