Hi, does any one know if there is a way in MTE to restrict an extension by an IP?
The idea is to restrict all the extensions that are not mobile to that so the brute force atack will be minimized only to the non restricted extensions.
Submitted by eeman on Tue, 09/14/2010
Permalink
Submitted by dbenders on Wed, 09/15/2010
Permalink
Hi Erik, thanks for the
Hi Erik, thanks for the answer.
Do you think that using the MTE Web Interface this can be done?
Maybe in the "Other options" inside the extensions edition page?
I agree with you that fail2ban will be very good. But also I think that restricting the IP's (if the customer just use the extensions from his office) will add a very good wall of security.
Submitted by eeman on Wed, 09/15/2010
Permalink
yes thats where it can be
yes thats where it can be done. using the ACLs just consumes more resources so just keep an eye on it
fail2ban is probably a better way to handle brute force attempts for MTE. You can do ACL's in sip.conf but that isnt going to scale to thousands of channel extensions.