
I'm still new to Asterisk/Elastix and apologize if this question is misplaced.

Recently one of our larger clients was hacked and we remedied the situation by enabling fail2ban. It seemed to have stopped the hackers from trying to register extensions but I still suspect that the server is under some sort of attack.

There is a constant stream of WARNINGs in the Asterisk CLI stating something along the lines of:

WARNING[2184]: chan_sip.c:3755 __sip_xmit: sip_xmit of ... (len 371) to (null) returned -1: Invalid argument

There are about 3 to 5 of these warnings each second and I am concerned that it will affect quality of service or lead the company to be victims of fraudsters.

Could the warnings be the result of an improperly configured PBX or could it be a possible attack?

The client's current setup is as follows:

  • Elastix 4.0.74
  • Asterisk 11.20.0

See screenshot of warning messages in CLI below:

[Screenshot: warning messages in the Asterisk CLI]

Thanks in advance.

galoget
Son of Sam

1 Answer


It appears that the system is doing a DNS lookup of the Trunk name possibly.

mcgoosh
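One way to triage the warning stream described in the question, as an added example that is not part of the original question or answer: it tallies `__sip_xmit` warnings by destination, error string and timestamp, so you can see whether they all share the `(null)` destination or are spread across many peers. The sample lines are constructed in the shape of the quoted warning; the timestamps, pointer values and the `203.0.113.7` peer are assumptions.

```python
import re
from collections import Counter

# Constructed sample log; only the message shape is taken from the question.
SAMPLE_LOG = """\
[2016-05-10 09:15:01] WARNING[2184]: chan_sip.c:3755 __sip_xmit: sip_xmit of 0xb7a01c38 (len 371) to (null) returned -1: Invalid argument
[2016-05-10 09:15:01] WARNING[2184]: chan_sip.c:3755 __sip_xmit: sip_xmit of 0xb7a02d10 (len 371) to (null) returned -1: Invalid argument
[2016-05-10 09:15:01] NOTICE[2184]: constructed unrelated line, ignored by the parser
[2016-05-10 09:15:02] WARNING[2184]: chan_sip.c:3755 __sip_xmit: sip_xmit of 0xb7a03e48 (len 540) to 203.0.113.7:5060 returned -1: Network is unreachable
[2016-05-10 09:15:02] WARNING[2184]: chan_sip.c:3755 __sip_xmit: sip_xmit of 0xb7a01c38 (len 371) to (null) returned -1: Invalid argument
"""

# The bracketed timestamp is optional so lines pasted from the CLI also match.
XMIT_RE = re.compile(
    r"^(?:\[(?P<ts>[^\]]+)\]\s+)?WARNING\[\d+\](?:\[[^\]]*\])?:\s+"
    r"chan_sip\.c:\d+\s+__sip_xmit:\s+sip_xmit of \S+ \(len (?P<len>\d+)\) "
    r"to (?P<dst>.+?) returned (?P<rc>-?\d+): (?P<err>.*)$"
)

def summarize(log_text):
    """Count __sip_xmit failures per timestamp, destination and error."""
    per_second, by_dst, by_err = Counter(), Counter(), Counter()
    for line in log_text.splitlines():
        m = XMIT_RE.match(line.strip())
        if not m:
            continue  # not a sip_xmit warning
        per_second[m["ts"] or "no-timestamp"] += 1
        by_dst[m["dst"]] += 1
        by_err[(m["dst"], m["err"])] += 1
    total = sum(by_dst.values())
    return {
        "total": total,
        "peak_per_second": max(per_second.values(), default=0),
        "by_destination": dict(by_dst),
        # Share of failures with no usable destination address at all.
        "null_share": by_dst["(null)"] / total if total else 0.0,
        "errors": dict(by_err),
    }

if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

A `null_share` close to 1.0 with a single error string means every failure is the same outbound send with no destination address, which can then be checked against the configured trunks and peers.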