On NS8 with active NethVoice modules, you can observe log entries like the following:
May 21 14:53:33 VoipTest freepbx[349589]: [2025-05-21 14:53:33] #033[1;33mNOTICE#033[0m[150]: #033[1;37mchan_sip.c#033[0m:#033[1;37m29058#033[0m #033[1;37mhandle_request_register#033[0m: Registration from '<sip:1951@99.88.77.66>' failed for '137.184.125.78:50527' - Wrong password
May 21 14:53:33 VoipTest freepbx[349589]: [2025-05-21 14:53:33] #033[1;33mNOTICE#033[0m[150]: #033[1;37mchan_sip.c#033[0m:#033[1;37m29058#033[0m #033[1;37mhandle_request_register#033[0m: Registration from '<sip:5829@99.88.77.66>' failed for '137.184.125.78:51309' - Wrong password
May 21 14:53:35 VoipTest freepbx[349589]: [2025-05-21 14:53:35] #033[1;33mNOTICE#033[0m[150]: #033[1;37mchan_sip.c#033[0m:#033[1;37m29058#033[0m #033[1;37mhandle_request_register#033[0m: Registration from '<sip:9224@99.88.77.66>' failed for '137.184.125.78:53068' - Wrong password
May 21 14:53:35 VoipTest freepbx[349589]: [2025-05-21 14:53:35] #033[1;33mNOTICE#033[0m[150]: #033[1;37mchan_sip.c#033[0m:#033[1;37m29058#033[0m #033[1;37mhandle_request_register#033[0m: Registration from '<sip:14405@99.88.77.66>' failed for '137.184.125.78:53268' - Wrong password
These are illegitimate SIP registration attempts and should be blocked by CrowdSec.
However, they are currently not detected or banned.
While the Asterisk collection is available for CrowdSec, it is not enabled by default, even after enabling it, these log lines still do not trigger any ban.
Components
mattermost conversation
On NS8 with active NethVoice modules, you can observe log entries like the following:
These are illegitimate SIP registration attempts and should be blocked by CrowdSec.
However, they are currently not detected or banned.
While the Asterisk collection is available for CrowdSec, it is not enabled by default, even after enabling it, these log lines still do not trigger any ban.
Components
mattermost conversation