[AsteriskBrasil] (URGENTE) Tentativa de Invasão?

[brunoantognolli em email.com]

Pessoal, estava olhando o Log do Asterisk e ví a seguinte msg:

[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password
[Jan 22 10:00:25] NOTICE[14350]: chan_sip.c:15593 handle_request_register: Registration from '"1013" <sip:1013 em XXX.XXX.XXX.XXX>' failed for '174.129.173.249' - Wrong password

Notem que em 1 segundo o "invasor" tentou várias vezes se registrar no sip 1013 (através do método BruteForce) pelo meu link do speedy. O IP do "invasor" é 174.129.173.249.

Isso seria uma tentativa de invasão? 

Se sim, como ele conseguiu acesso aos meus ramais SIP?
O que preciso fazer para tirar esse cara da rede?

Em uma pesquisa rápida descobri que esse IP é de Washington.
http://www.botsvsbrowsers.com/ip/174.129.173.249/index.html

Estou alarmado a toa ou é realmente uma tentativa de invasão?

Obrigado lista.
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: http://listas.asteriskbrasil.org/pipermail/asteriskbrasil/attachments/20100122/944b4a04/attachment-0001.htm