Fail2ban is an awesome tool to add to your firewalls toolbox or PBX server. While there is nothing bullet-proof in the real world, we can encourage traffic to be detoured away from our servers by not making them an easy target to probe. That said, installing fail2ban is simple. These instructions assume you are using CentOS.
Open a terminal and type:
yum -y install fail2ban
use nano or vi to edit /etc/fail2ban/jail.conf
Enable only the services you need to protect or you will be increasing the CPU and RAM load.
For instance to protect Asterisk add this to the bottom of the file:
[asterisk-iptables] enabled = true filter = asterisk action = iptables-allports[name=ASTERISK, protocol=all] sendmail-whois[name=ASTERISK, dest=your@emailaddress.com, sender=yourpbx@example.com] logpath = /var/log/asterisk/full maxretry = 3 bantime = 25920000