I'm on the receiving end of a brute force SIP registration attack coming from 111.75.255.9, trying to log on to my Asterisk box with random extension numbers.
I've fixed my fail2ban but it's still coming in thick and fast despite now being blocked, and it's pushed my data usage up quite high, and is having a DoS effect. It's been going on all day.
Anyone else getting this? It's fierce.
edit: added details of the attack