restamp
Member
- Joined
- Apr 24, 2016
- Messages
- 97
- Reaction score
- 53
After installing a whole enchilada 13-13 field server recently (Thanks Ward!) I noticed some rats starting to nibble around open port 2000:
[2018-03-31 06:33:16] NOTICE[31797] chan_skinny.c: Starting Skinny session from 77.72.83.153
[2018-03-31 06:33:16] WARNING[31797] chan_skinny.c: Skinny packet too large (788529159 bytes), max length(2000 bytes)
[2018-03-31 06:33:16] NOTICE[31797] chan_skinny.c: Skinny Session returned: Success
[2018-03-31 06:33:16] NOTICE[31797] chan_skinny.c: Ending Skinny session from unknown at 77.72.83.153
Since I am not using either the skinny or SCCP protocols -- I think Cisco phones make use of them -- I closed port 2000 (/usr/local/sbin/iptables-custom) and excluded module chan_skinny.so in Admin > Asterisk Modules.
You may want to consider a similar remediation as well if you are not using chan_skinny.
[2018-03-31 06:33:16] NOTICE[31797] chan_skinny.c: Starting Skinny session from 77.72.83.153
[2018-03-31 06:33:16] WARNING[31797] chan_skinny.c: Skinny packet too large (788529159 bytes), max length(2000 bytes)
[2018-03-31 06:33:16] NOTICE[31797] chan_skinny.c: Skinny Session returned: Success
[2018-03-31 06:33:16] NOTICE[31797] chan_skinny.c: Ending Skinny session from unknown at 77.72.83.153
Since I am not using either the skinny or SCCP protocols -- I think Cisco phones make use of them -- I closed port 2000 (/usr/local/sbin/iptables-custom) and excluded module chan_skinny.so in Admin > Asterisk Modules.
You may want to consider a similar remediation as well if you are not using chan_skinny.