Asterisk-User-Group.DE

Code: Alles auswählen

U 2013/12/13 07:44:34.980522 178.63.55.19:5061 -> 81.20.137.202:5060
REGISTER sip:81.20.137.202:5060 SIP/2.0.
Via: SIP/2.0/UDP 178.63.55.19:5061;branch=z9hG4bK47671201ad6fb50648752aaacd3;rport.
From: "5682" <sip:5682@81.20.137.202:5060>;tag=47671211ad75fd7.
To: "5682" <sip:5682@81.20.137.202:5060>.
Call-ID: 1ad6fa08-1e85b6487-52aaacd3@81.20.137.202.
CSeq: 22 REGISTER.
Contact: "5682" <sip:5682@178.63.55.19:5061>.
Authorization: Digest username="5682", realm="81.20.137.202", nonce="UqquAFKqrNTOFkNWLT3eHAAogrHlu+zM", uri="sip:81.20.137.202", response="b8fd9e4800ea06399006435500e8179b", algorithm=MD5.
User-Agent: VaxSIPUserAgent/3.1.
Expires: 1800.
Max-Forwards: 70.
Content-Length: 0.

Code: Alles auswählen

Hi Rainer,

The IP 137.135.160.44 has just been banned by Fail2Ban after
1 attempts against KAMAILIO.


Here are more information about 137.135.160.44:


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous.  The query is assumed to be:
#     "n 137.135.160.44"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=137.135.160.44?showDetails=true&showARIN=false&ext=netref2
#

NetRange:       137.135.0.0 - 137.135.255.255
CIDR:           137.135.0.0/16
OriginAS:       
NetName:        MICROSOFT
NetHandle:      NET-137-135-0-0-1
Parent:         NET-137-0-0-0-0
NetType:        Direct Assignment
RegDate:        2011-06-22
Updated:        2013-08-20
Ref:            http://whois.arin.net/rest/net/NET-137-135-0-0-1

OrgName:        Microsoft Corp
OrgId:          MSFT-Z
Address:        One Microsoft Way
City:           Redmond
StateProv:      WA
PostalCode:     98052
Country:        US
RegDate:        2011-06-22
Updated:        2013-10-03
Comment:        To report suspected security issues specific to 
Comment:        traffic emanating from Microsoft online services, 
Comment:        including the distribution of malicious content 
Comment:        or other illicit or illegal material through a 
Comment:        Microsoft online service, please submit reports 
Comment:        to:
Comment:        * https://cert.microsoft.com.  
Comment:        
Comment:        For SPAM and other abuse issues, such as Microsoft 
Comment:        Accounts, please contact:
Comment:        * abuse@microsoft.com.  
Comment:        
Comment:        To report security vulnerabilities in Microsoft 
Comment:        products and services, please contact:
Comment:        * secure@microsoft.com.  
Comment:        
Comment:        For legal and law enforcement-related requests, 
Comment:        please contact:
Comment:        * msndcc@microsoft.com
Comment:        
Comment:        For routing, peering or DNS issues, please 
Comment:        contact:
Comment:        * IOC@microsoft.com
Ref:            http://whois.arin.net/rest/org/MSFT-Z

OrgAbuseHandle: MAC74-ARIN
OrgAbuseName:   Microsoft Abuse Contact
OrgAbusePhone:  +1-425-882-8080 
OrgAbuseEmail:  abuse@microsoft.com
OrgAbuseRef:    http://whois.arin.net/rest/poc/MAC74-ARIN

OrgTechHandle: MRPD-ARIN
OrgTechName:   Microsoft Routing, Peering, and DNS
OrgTechPhone:  +1-425-882-8080 
OrgTechEmail:  IOC@microsoft.com
OrgTechRef:    http://whois.arin.net/rest/poc/MRPD-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban