From brian at freeswitch.org Wed Aug 14 22:36:01 2013 From: brian at freeswitch.org (Brian West) Date: Wed, 14 Aug 2013 13:36:01 -0500 Subject: [freeswitch-sec] Welcome! Message-ID: Welcome everyone, Its time to start the discussion. Who wants to take the lead and start a wiki page to guide our discussion topics? -- Brian West brian at freeswitch.org FreeSWITCH Solutions, LLC PO BOX PO BOX 2531 Brookfield, WI 53008-2531 Twitter: @FreeSWITCH_Wire http://www.freeswitchbook.com http://www.freeswitchcookbook.com T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST iNUM: +883 5100 1420 9001 ISN: 410*543 Skype:briankwest PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 841 bytes Desc: Message signed with OpenPGP using GPGMail Url : http://lists.freeswitch.org/pipermail/freeswitch-sec/attachments/20130814/1042ca5b/attachment.bin From brian at freeswitch.org Thu Aug 15 18:51:32 2013 From: brian at freeswitch.org (Brian West) Date: Thu, 15 Aug 2013 09:51:32 -0500 Subject: [freeswitch-sec] Welcome! In-Reply-To: References: Message-ID: Security Conscience FreeSWITCH Users, This during our Friday FFA call, we could tag team some bullet points on what we hope to accomplish in the security arena with FreeSWITCH: 1. Process Security: buffer overflows and code review 2. Install Security: Running as Non-Root, SE Linux possibly 3. Voice and Signaling encryption 4. SRTP/ZRTP/DTLS docs, how each can be used. 5. Review TLS docs, guidelines and setup instructions. 6. Recommended steps for a secure deployment. 7. Compatible phones for secure operations Please comment, toss in your two cents, I want to get a serious discussion started on this list! What I don't want is 'CRICKETS', lets get this party started... Thanks, -- Brian West brian at freeswitch.org FreeSWITCH Solutions, LLC PO BOX PO BOX 2531 Brookfield, WI 53008-2531 Twitter: @FreeSWITCH_Wire http://www.freeswitchbook.com http://www.freeswitchcookbook.com T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST iNUM: +883 5100 1420 9001 ISN: 410*543 Skype:briankwest PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED) On Aug 14, 2013, at 1:36 PM, Brian West wrote: > Welcome everyone, > > Its time to start the discussion. Who wants to take the lead and start a wiki page to guide our discussion topics? > -- > Brian West > brian at freeswitch.org > FreeSWITCH Solutions, LLC > PO BOX PO BOX 2531 > Brookfield, WI 53008-2531 > Twitter: @FreeSWITCH_Wire > http://www.freeswitchbook.com > http://www.freeswitchcookbook.com > > T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST > iNUM: +883 5100 1420 9001 > ISN: 410*543 > Skype:briankwest > PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED) > > > > > > > > > > _______________________________________________ > freeswitch-sec mailing list > freeswitch-sec at tron.freeswitch.org > http://lists.freeswitch.org/mailman/listinfo/freeswitch-sec -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 841 bytes Desc: Message signed with OpenPGP using GPGMail Url : http://lists.freeswitch.org/pipermail/freeswitch-sec/attachments/20130815/e7fde21b/attachment.bin From ira at connectmevoice.com Thu Aug 15 19:40:35 2013 From: ira at connectmevoice.com (Ira Tessler) Date: Thu, 15 Aug 2013 11:40:35 -0400 Subject: [freeswitch-sec] Fraud Message-ID: Could we also at fraud to the discussion? In particular, international call fraud and ways to prevent this. Ira Tessler Lead Software Engineer ConnectMe (732) 490-9007 x2 ira at connectmevoice.com -----Original Message----- From: freeswitch-sec-bounces at tron.freeswitch.org [mailto:freeswitch-sec-bounces at tron.freeswitch.org] On Behalf Of Brian West Sent: Thursday, August 15, 2013 10:52 AM To: freeswitch-sec at lists.freeswitch.org Subject: Re: [freeswitch-sec] Welcome! Security Conscience FreeSWITCH Users, This during our Friday FFA call, we could tag team some bullet points on what we hope to accomplish in the security arena with FreeSWITCH: 1. Process Security: buffer overflows and code review 2. Install Security: Running as Non-Root, SE Linux possibly 3. Voice and Signaling encryption 4. SRTP/ZRTP/DTLS docs, how each can be used. 5. Review TLS docs, guidelines and setup instructions. 6. Recommended steps for a secure deployment. 7. Compatible phones for secure operations Please comment, toss in your two cents, I want to get a serious discussion started on this list! What I don't want is 'CRICKETS', lets get this party started... Thanks, -- Brian West brian at freeswitch.org FreeSWITCH Solutions, LLC PO BOX PO BOX 2531 Brookfield, WI 53008-2531 Twitter: @FreeSWITCH_Wire http://www.freeswitchbook.com http://www.freeswitchcookbook.com T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST iNUM: +883 5100 1420 9001 ISN: 410*543 Skype:briankwest PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED) On Aug 14, 2013, at 1:36 PM, Brian West wrote: > Welcome everyone, > > Its time to start the discussion. Who wants to take the lead and start a wiki page to guide our discussion topics? > -- > Brian West > brian at freeswitch.org > FreeSWITCH Solutions, LLC > PO BOX PO BOX 2531 > Brookfield, WI 53008-2531 > Twitter: @FreeSWITCH_Wire > http://www.freeswitchbook.com > http://www.freeswitchcookbook.com > > T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST > iNUM: +883 5100 1420 9001 > ISN: 410*543 > Skype:briankwest > PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED) > > > > > > > > > > _______________________________________________ > freeswitch-sec mailing list > freeswitch-sec at tron.freeswitch.org > http://lists.freeswitch.org/mailman/listinfo/freeswitch-sec From brian at freeswitch.org Thu Aug 15 19:46:57 2013 From: brian at freeswitch.org (Brian West) Date: Thu, 15 Aug 2013 10:46:57 -0500 Subject: [freeswitch-sec] Fraud In-Reply-To: References: Message-ID: <3F70C96F-BD45-4BE1-932A-1388F2F2F686@freeswitch.org> Ira, Yes, this would be a perfect place to do that, I have been thinking if we could setup some sort of honey pot network and centralized reporting we could help protect voip installs all over the place. I'm one person, we would need some volunteers to step up and help build this out. -- Brian West brian at freeswitch.org FreeSWITCH Solutions, LLC PO BOX PO BOX 2531 Brookfield, WI 53008-2531 Twitter: @FreeSWITCH_Wire http://www.freeswitchbook.com http://www.freeswitchcookbook.com T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST iNUM: +883 5100 1420 9001 ISN: 410*543 Skype:briankwest PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED) On Aug 15, 2013, at 10:40 AM, Ira Tessler wrote: > Could we also at fraud to the discussion? In particular, international > call fraud and ways to prevent this. > > Ira Tessler > Lead Software Engineer > ConnectMe > (732) 490-9007 x2 > ira at connectmevoice.com > > > -----Original Message----- > From: freeswitch-sec-bounces at tron.freeswitch.org > [mailto:freeswitch-sec-bounces at tron.freeswitch.org] On Behalf Of Brian > West > Sent: Thursday, August 15, 2013 10:52 AM > To: freeswitch-sec at lists.freeswitch.org > Subject: Re: [freeswitch-sec] Welcome! > > Security Conscience FreeSWITCH Users, > > This during our Friday FFA call, we could tag team some bullet > points on what we hope to accomplish in the security arena with > FreeSWITCH: > > 1. Process Security: buffer overflows and code review 2. Install Security: > Running as Non-Root, SE Linux possibly 3. Voice and Signaling encryption > 4. SRTP/ZRTP/DTLS docs, how each can be used. > 5. Review TLS docs, guidelines and setup instructions. > 6. Recommended steps for a secure deployment. > 7. Compatible phones for secure operations > > Please comment, toss in your two cents, I want to get a serious discussion > started on this list! > > What I don't want is 'CRICKETS', lets get this party started... > > Thanks, > -- > Brian West > brian at freeswitch.org > FreeSWITCH Solutions, LLC > PO BOX PO BOX 2531 > Brookfield, WI 53008-2531 > Twitter: @FreeSWITCH_Wire > http://www.freeswitchbook.com > http://www.freeswitchcookbook.com > > T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST > iNUM: +883 5100 1420 9001 > ISN: 410*543 > Skype:briankwest > PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED) > > On Aug 14, 2013, at 1:36 PM, Brian West wrote: > >> Welcome everyone, >> >> Its time to start the discussion. Who wants to take the lead and > start a wiki page to guide our discussion topics? >> -- >> Brian West >> brian at freeswitch.org >> FreeSWITCH Solutions, LLC >> PO BOX PO BOX 2531 >> Brookfield, WI 53008-2531 >> Twitter: @FreeSWITCH_Wire >> http://www.freeswitchbook.com >> http://www.freeswitchcookbook.com >> >> T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST >> iNUM: +883 5100 1420 9001 >> ISN: 410*543 >> Skype:briankwest >> PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED) >> >> >> >> >> >> >> >> >> >> _______________________________________________ >> freeswitch-sec mailing list >> freeswitch-sec at tron.freeswitch.org >> http://lists.freeswitch.org/mailman/listinfo/freeswitch-sec > > _______________________________________________ > freeswitch-sec mailing list > freeswitch-sec at tron.freeswitch.org > http://lists.freeswitch.org/mailman/listinfo/freeswitch-sec -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 841 bytes Desc: Message signed with OpenPGP using GPGMail Url : http://lists.freeswitch.org/pipermail/freeswitch-sec/attachments/20130815/ce7fcb72/attachment.bin From gerardo.barajas at gmail.com Thu Aug 15 20:56:10 2013 From: gerardo.barajas at gmail.com (Gerardo Barajas) Date: Thu, 15 Aug 2013 11:56:10 -0500 Subject: [freeswitch-sec] Welcome! In-Reply-To: References: Message-ID: I am not a security expert but I've seen a lot of Asterisk Servers hacked because of very bad deployments. This very bad deployments include non-protection against SIP enumeration, Apache's weaknesses, non-passwords DISA, etc. But these bad deployments are alse the results of a bad design. I guess we should discuss this matters Saludos/Regards -- Ing. Gerardo Barajas Puente On Thu, Aug 15, 2013 at 9:51 AM, Brian West wrote: > Security Conscience FreeSWITCH Users, > > This during our Friday FFA call, we could tag team some bullet > points on what we hope to accomplish in the security arena with FreeSWITCH: > > 1. Process Security: buffer overflows and code review > 2. Install Security: Running as Non-Root, SE Linux possibly > 3. Voice and Signaling encryption > 4. SRTP/ZRTP/DTLS docs, how each can be used. > 5. Review TLS docs, guidelines and setup instructions. > 6. Recommended steps for a secure deployment. > 7. Compatible phones for secure operations > > Please comment, toss in your two cents, I want to get a serious discussion > started on this list! > > What I don't want is 'CRICKETS', lets get this party started... > > Thanks, > -- > Brian West > brian at freeswitch.org > FreeSWITCH Solutions, LLC > PO BOX PO BOX 2531 > Brookfield, WI 53008-2531 > Twitter: @FreeSWITCH_Wire > http://www.freeswitchbook.com > http://www.freeswitchcookbook.com > > T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST > iNUM: +883 5100 1420 9001 > ISN: 410*543 > Skype:briankwest > PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED) > > On Aug 14, 2013, at 1:36 PM, Brian West wrote: > > > Welcome everyone, > > > > Its time to start the discussion. Who wants to take the lead and > start a wiki page to guide our discussion topics? > > -- > > Brian West > > brian at freeswitch.org > > FreeSWITCH Solutions, LLC > > PO BOX PO BOX 2531 > > Brookfield, WI 53008-2531 > > Twitter: @FreeSWITCH_Wire > > http://www.freeswitchbook.com > > http://www.freeswitchcookbook.com > > > > T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST > > iNUM: +883 5100 1420 9001 > > ISN: 410*543 > > Skype:briankwest > > PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED) > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > freeswitch-sec mailing list > > freeswitch-sec at tron.freeswitch.org > > http://lists.freeswitch.org/mailman/listinfo/freeswitch-sec > > > _______________________________________________ > freeswitch-sec mailing list > freeswitch-sec at tron.freeswitch.org > http://lists.freeswitch.org/mailman/listinfo/freeswitch-sec > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.freeswitch.org/pipermail/freeswitch-sec/attachments/20130815/7fc3f371/attachment.html From intralanman at freeswitch.org Thu Aug 15 23:49:39 2013 From: intralanman at freeswitch.org (Raymond Chandler) Date: Thu, 15 Aug 2013 15:49:39 -0400 Subject: [freeswitch-sec] Fraud In-Reply-To: <3F70C96F-BD45-4BE1-932A-1388F2F2F686@freeswitch.org> References: <3F70C96F-BD45-4BE1-932A-1388F2F2F686@freeswitch.org> Message-ID: <520D30D3.4040701@freeswitch.org> On 08/15/2013 11:46 AM, Brian West wrote: > Ira, > Yes, this would be a perfect place to do that, I have been thinking if we could setup some sort of honey pot network and centralized reporting we could help protect voip installs all over the place. > > I'm one person, we would need some volunteers to step up and help build this out. > Ken and I talked about building something into e164.org to allow you to do dnsbl-like queries there and get info on a specific IP or TN. Any interest in seeing that come to fruition? There are obvious issues with being able to verify that a TN really belongs to the person calling you (not being spoofed), but maybe the STIR workgroup stuff will help in that regard (in a year or two?). -Ray From brian at freeswitch.org Thu Aug 15 23:50:29 2013 From: brian at freeswitch.org (Brian West) Date: Thu, 15 Aug 2013 14:50:29 -0500 Subject: [freeswitch-sec] Fraud In-Reply-To: <520D30D3.4040701@freeswitch.org> References: <3F70C96F-BD45-4BE1-932A-1388F2F2F686@freeswitch.org> <520D30D3.4040701@freeswitch.org> Message-ID: <882874D3-F895-44C7-B4C0-6FB3F701E83F@freeswitch.org> I found that doing a reverse on the IP to regular spam RBLs results in hits on most attempts to connect. On Aug 15, 2013, at 2:49 PM, Raymond Chandler wrote: > Ken and I talked about building something into e164.org to allow you to do dnsbl-like queries there and get info on a specific IP or TN. Any interest in seeing that come to fruition? > > There are obvious issues with being able to verify that a TN really belongs to the person calling you (not being spoofed), but maybe the STIR workgroup stuff will help in that regard (in a year or two?). > > -Ray -- Brian West brian at freeswitch.org FreeSWITCH Solutions, LLC PO BOX PO BOX 2531 Brookfield, WI 53008-2531 Twitter: @FreeSWITCH_Wire http://www.freeswitchbook.com http://www.freeswitchcookbook.com T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST iNUM: +883 5100 1420 9001 ISN: 410*543 Skype:briankwest PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 841 bytes Desc: Message signed with OpenPGP using GPGMail Url : http://lists.freeswitch.org/pipermail/freeswitch-sec/attachments/20130815/4506dc0a/attachment.bin From ira at connectmevoice.com Fri Aug 16 19:17:23 2013 From: ira at connectmevoice.com (Ira Tessler) Date: Fri, 16 Aug 2013 11:17:23 -0400 Subject: [freeswitch-sec] Fraud In-Reply-To: <882874D3-F895-44C7-B4C0-6FB3F701E83F@freeswitch.org> References: <3F70C96F-BD45-4BE1-932A-1388F2F2F686@freeswitch.org> <520D30D3.4040701@freeswitch.org> <882874D3-F895-44C7-B4C0-6FB3F701E83F@freeswitch.org> Message-ID: <75ad034bf009909c6fd8d90bb59bb631@mail.gmail.com> Are there any international phone number black list databases out there? We currently only allow international calls during normal business hours, have daily quotas and have a user access pin code. I am always looking for more options to prevent fraud. Thanks! Ira Tessler Lead Software Engineer ConnectMe (732) 490-9007 x2 ira at connectmevoice.com -----Original Message----- From: freeswitch-sec-bounces at tron.freeswitch.org [mailto:freeswitch-sec-bounces at tron.freeswitch.org] On Behalf Of Brian West Sent: Thursday, August 15, 2013 3:50 PM To: Raymond Chandler Cc: freeswitch-sec at lists.freeswitch.org Subject: Re: [freeswitch-sec] Fraud I found that doing a reverse on the IP to regular spam RBLs results in hits on most attempts to connect. On Aug 15, 2013, at 2:49 PM, Raymond Chandler wrote: > Ken and I talked about building something into e164.org to allow you to do dnsbl-like queries there and get info on a specific IP or TN. Any interest in seeing that come to fruition? > > There are obvious issues with being able to verify that a TN really belongs to the person calling you (not being spoofed), but maybe the STIR workgroup stuff will help in that regard (in a year or two?). > > -Ray -- Brian West brian at freeswitch.org FreeSWITCH Solutions, LLC PO BOX PO BOX 2531 Brookfield, WI 53008-2531 Twitter: @FreeSWITCH_Wire http://www.freeswitchbook.com http://www.freeswitchcookbook.com T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST iNUM: +883 5100 1420 9001 ISN: 410*543 Skype:briankwest PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED) From brian at freeswitch.org Fri Aug 16 19:18:34 2013 From: brian at freeswitch.org (Brian West) Date: Fri, 16 Aug 2013 10:18:34 -0500 Subject: [freeswitch-sec] Fraud In-Reply-To: <75ad034bf009909c6fd8d90bb59bb631@mail.gmail.com> References: <3F70C96F-BD45-4BE1-932A-1388F2F2F686@freeswitch.org> <520D30D3.4040701@freeswitch.org> <882874D3-F895-44C7-B4C0-6FB3F701E83F@freeswitch.org> <75ad034bf009909c6fd8d90bb59bb631@mail.gmail.com> Message-ID: We need to actually discuss some form of infrastructure to broadcast these types of thing in a secure way as to prevent false positives. /b On Aug 16, 2013, at 10:17 AM, Ira Tessler wrote: > Are there any international phone number black list databases out there? > We currently only allow international calls during normal business hours, > have daily quotas and have a user access pin code. I am always looking for > more options to prevent fraud. > > Thanks! > > Ira Tessler > Lead Software Engineer > ConnectMe > (732) 490-9007 x2 > ira at connectmevoice.com > > -----Original Message----- > From: freeswitch-sec-bounces at tron.freeswitch.org > [mailto:freeswitch-sec-bounces at tron.freeswitch.org] On Behalf Of Brian > West > Sent: Thursday, August 15, 2013 3:50 PM > To: Raymond Chandler > Cc: freeswitch-sec at lists.freeswitch.org > Subject: Re: [freeswitch-sec] Fraud > > I found that doing a reverse on the IP to regular spam RBLs results in > hits on most attempts to connect. > > On Aug 15, 2013, at 2:49 PM, Raymond Chandler > wrote: > >> Ken and I talked about building something into e164.org to allow you to > do dnsbl-like queries there and get info on a specific IP or TN. Any > interest in seeing that come to fruition? >> >> There are obvious issues with being able to verify that a TN really > belongs to the person calling you (not being spoofed), but maybe the STIR > workgroup stuff will help in that regard (in a year or two?). >> >> -Ray > > > > -- > Brian West > brian at freeswitch.org > FreeSWITCH Solutions, LLC > PO BOX PO BOX 2531 > Brookfield, WI 53008-2531 > Twitter: @FreeSWITCH_Wire > http://www.freeswitchbook.com > http://www.freeswitchcookbook.com > > T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST > iNUM: +883 5100 1420 9001 > ISN: 410*543 > Skype:briankwest > PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 841 bytes Desc: Message signed with OpenPGP using GPGMail Url : http://lists.freeswitch.org/pipermail/freeswitch-sec/attachments/20130816/c2a8b2cc/attachment.bin From ash at url.net.au Fri Aug 16 19:58:25 2013 From: ash at url.net.au (Ashley Breeden) Date: Sat, 17 Aug 2013 01:58:25 +1000 Subject: [freeswitch-sec] Fraud In-Reply-To: <3F70C96F-BD45-4BE1-932A-1388F2F2F686@freeswitch.org> References: <3F70C96F-BD45-4BE1-932A-1388F2F2F686@freeswitch.org> Message-ID: Hi Brian, I would be interested in the honeypot idea and I think it could work very well. I have always thought a centralised system where trusted organisations could supply data feeds of IP's that have attacked them and fraudulent destinations would be very helpful in reducing the risk associated with having public facing servers. I am happy to volunteer and help see this one happen (Timezone difference in Australia creates a little problem). What sort of skills do you think you need for this? I currently run a series of fail2ban rules over my firewall logs looking for attackers making connection to various SIP ports on networks where there is no SIP server. If someone does scan the wrong IP the fail2ban action would then ban the IP from my network for a week. If myself and others shared these IP's to a central location we should be able to build up a valid list of IP's to block. I wouldn't say allow everyone to supply data feeds as there is a chance of the wrong addresses being blocked but there would have to be "Trusted" people in the community that could supply reliable data. Cheers, Ash. On 16/08/2013, at 1:46 AM, Brian West wrote: > Ira, > Yes, this would be a perfect place to do that, I have been thinking if we could setup some sort of honey pot network and centralized reporting we could help protect voip installs all over the place. > > I'm one person, we would need some volunteers to step up and help build this out. > > -- > Brian West > brian at freeswitch.org > FreeSWITCH Solutions, LLC > PO BOX PO BOX 2531 > Brookfield, WI 53008-2531 > Twitter: @FreeSWITCH_Wire > http://www.freeswitchbook.com > http://www.freeswitchcookbook.com > > T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST > iNUM: +883 5100 1420 9001 > ISN: 410*543 > Skype:briankwest > PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED) > > > > > > > > > > On Aug 15, 2013, at 10:40 AM, Ira Tessler wrote: > >> Could we also at fraud to the discussion? In particular, international >> call fraud and ways to prevent this. >> >> Ira Tessler >> Lead Software Engineer >> ConnectMe >> (732) 490-9007 x2 >> ira at connectmevoice.com >> >> >> -----Original Message----- >> From: freeswitch-sec-bounces at tron.freeswitch.org >> [mailto:freeswitch-sec-bounces at tron.freeswitch.org] On Behalf Of Brian >> West >> Sent: Thursday, August 15, 2013 10:52 AM >> To: freeswitch-sec at lists.freeswitch.org >> Subject: Re: [freeswitch-sec] Welcome! >> >> Security Conscience FreeSWITCH Users, >> >> This during our Friday FFA call, we could tag team some bullet >> points on what we hope to accomplish in the security arena with >> FreeSWITCH: >> >> 1. Process Security: buffer overflows and code review 2. Install Security: >> Running as Non-Root, SE Linux possibly 3. Voice and Signaling encryption >> 4. SRTP/ZRTP/DTLS docs, how each can be used. >> 5. Review TLS docs, guidelines and setup instructions. >> 6. Recommended steps for a secure deployment. >> 7. Compatible phones for secure operations >> >> Please comment, toss in your two cents, I want to get a serious discussion >> started on this list! >> >> What I don't want is 'CRICKETS', lets get this party started... >> >> Thanks, >> -- >> Brian West >> brian at freeswitch.org >> FreeSWITCH Solutions, LLC >> PO BOX PO BOX 2531 >> Brookfield, WI 53008-2531 >> Twitter: @FreeSWITCH_Wire >> http://www.freeswitchbook.com >> http://www.freeswitchcookbook.com >> >> T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST >> iNUM: +883 5100 1420 9001 >> ISN: 410*543 >> Skype:briankwest >> PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED) >> >> On Aug 14, 2013, at 1:36 PM, Brian West wrote: >> >>> Welcome everyone, >>> >>> Its time to start the discussion. Who wants to take the lead and >> start a wiki page to guide our discussion topics? >>> -- >>> Brian West >>> brian at freeswitch.org >>> FreeSWITCH Solutions, LLC >>> PO BOX PO BOX 2531 >>> Brookfield, WI 53008-2531 >>> Twitter: @FreeSWITCH_Wire >>> http://www.freeswitchbook.com >>> http://www.freeswitchcookbook.com >>> >>> T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST >>> iNUM: +883 5100 1420 9001 >>> ISN: 410*543 >>> Skype:briankwest >>> PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED) >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> _______________________________________________ >>> freeswitch-sec mailing list >>> freeswitch-sec at tron.freeswitch.org >>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-sec >> >> _______________________________________________ >> freeswitch-sec mailing list >> freeswitch-sec at tron.freeswitch.org >> http://lists.freeswitch.org/mailman/listinfo/freeswitch-sec > > _______________________________________________ > freeswitch-sec mailing list > freeswitch-sec at tron.freeswitch.org > http://lists.freeswitch.org/mailman/listinfo/freeswitch-sec