48 Hours with APIBAN

Summary


In this experiment, we will be testing the effectiveness of the APIBAN and see if it can single-handedly protect our server from the bad SIP traffic. It will be integrated with Asterisk PBX running on CentOS 7.

We installed Asterisk-18-rc1 on Centos 7 to collect the stats for APIBAN. LibreNMS was used to monitor all the metrics of the server running Asterisk. Asterisk PBX was configured with very basic configuration which is as follow –
1. It accepts all the SIP invites, pick up call and play an audio file (tt-monkeys)
2. Several SIP peers were configured with no password on them.

The server in the current state without APIBAN or any firewall was left open for 2 days i.e from September 18, 2020 to September 20, 2020 , The following graphs show the metrics captured by LibreNMS during that time frame.

Overall Network Traffic from September 18, 2020, to September 20, 2020
Continue reading “48 Hours with APIBAN”