I'm looking for methods (iptables rules, etc...) to prevent the asterisk version from showing on a nmap udp scan without closing (drop) the port. If I open it for some ip address, a nmap udp scan to port 5060 from this ip address can resolve the asterisk version(nmap -sU -sV -p 5060 <ipaddress>):
PORT STATE SERVICE VERSION
5060/udp open sip Asterisk PBX 1.8.13.0
Is there some way that only shows port 5060 open? Is it possible to hide this asterisk info or change it?
I think you can use pbx info by followin in sip.conf
useragent=SIPClient XXX
But actualy on my host that command show:
[root@pro-sip ~]# nmap -sU -sV -p 5060 78.47.XXX.XXX
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2012-12-05 22:35 UTC
Interesting ports on pro-sip.net (78.47.XXX.XXX):
PORT STATE SERVICE VERSION
5060/udp open|filtered sip
Nmap finished: 1 IP address (1 host up) scanned in 52.025 seconds
so maybe on your host it just find some issue and guess it is asterisk version XXX