Reply To: Where should I block attackers

No. The best place to block attackers is at the network edge; i.e. at your firewall.

Although SecAst supports using iptables to block IP’s at the PBX, it does so primarily for testing / prototypes / proof of concepts etc. In general you should not allow attackers that far into your network.

SecAst is designed to block attackers at the firewall, and is compatible with most firewalls through its event handler system. SecAst includes a sample event handler for the ‘Mikrotik’ and ‘pfSense’ firewalls, and these scripts can be modified for most other firewalls. We also invite customers to submit their firewall event handlers to become templates for other users.