<div dir="ltr">I am not a security expert but I've seen a lot of Asterisk Servers hacked because of very bad deployments. This very bad deployments include non-protection against SIP enumeration, Apache's weaknesses, non-passwords DISA, etc. But these bad deployments are alse the results of a bad design. I guess we should discuss this matters</div>
<div class="gmail_extra"><br clear="all"><div>Saludos/Regards<br>--<br>Ing. Gerardo Barajas Puente<br><br></div>
<br><br><div class="gmail_quote">On Thu, Aug 15, 2013 at 9:51 AM, Brian West <span dir="ltr"><<a href="mailto:brian@freeswitch.org" target="_blank">brian@freeswitch.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Security Conscience FreeSWITCH Users,<br>
<br>
This during our Friday FFA call, we could tag team some bullet points on what we hope to accomplish in the security arena with FreeSWITCH:<br>
<br>
1. Process Security: buffer overflows and code review<br>
2. Install Security: Running as Non-Root, SE Linux possibly<br>
3. Voice and Signaling encryption<br>
4. SRTP/ZRTP/DTLS docs, how each can be used.<br>
5. Review TLS docs, guidelines and setup instructions.<br>
6. Recommended steps for a secure deployment.<br>
7. Compatible phones for secure operations<br>
<br>
Please comment, toss in your two cents, I want to get a serious discussion started on this list!<br>
<br>
What I don't want is 'CRICKETS', lets get this party started...<br>
<br>
Thanks,<br>
<div class="im">--<br>
Brian West<br>
<a href="mailto:brian@freeswitch.org">brian@freeswitch.org</a><br>
FreeSWITCH Solutions, LLC<br>
PO BOX PO BOX 2531<br>
Brookfield, WI 53008-2531<br>
Twitter: @FreeSWITCH_Wire<br>
<a href="http://www.freeswitchbook.com" target="_blank">http://www.freeswitchbook.com</a><br>
<a href="http://www.freeswitchcookbook.com" target="_blank">http://www.freeswitchcookbook.com</a><br>
<br>
T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST<br>
iNUM: +883 5100 1420 9001<br>
ISN: 410*543<br>
Skype:briankwest<br>
PGP Key: <a href="http://www.bkw.org/key.txt" target="_blank">http://www.bkw.org/key.txt</a> (AB93356707C76CED)<br>
<br>
</div><div><div class="h5">On Aug 14, 2013, at 1:36 PM, Brian West <<a href="mailto:brian@freeswitch.org">brian@freeswitch.org</a>> wrote:<br>
<br>
> Welcome everyone,<br>
><br>
> Its time to start the discussion. Who wants to take the lead and start a wiki page to guide our discussion topics?<br>
> --<br>
> Brian West<br>
> <a href="mailto:brian@freeswitch.org">brian@freeswitch.org</a><br>
> FreeSWITCH Solutions, LLC<br>
> PO BOX PO BOX 2531<br>
> Brookfield, WI 53008-2531<br>
> Twitter: @FreeSWITCH_Wire<br>
> <a href="http://www.freeswitchbook.com" target="_blank">http://www.freeswitchbook.com</a><br>
> <a href="http://www.freeswitchcookbook.com" target="_blank">http://www.freeswitchcookbook.com</a><br>
><br>
> T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST<br>
> iNUM: +883 5100 1420 9001<br>
> ISN: 410*543<br>
> Skype:briankwest<br>
> PGP Key: <a href="http://www.bkw.org/key.txt" target="_blank">http://www.bkw.org/key.txt</a> (AB93356707C76CED)<br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
><br>
</div></div>> _______________________________________________<br>
> freeswitch-sec mailing list<br>
> <a href="mailto:freeswitch-sec@tron.freeswitch.org">freeswitch-sec@tron.freeswitch.org</a><br>
> <a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-sec" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-sec</a><br>
<br>
<br>_______________________________________________<br>
freeswitch-sec mailing list<br>
<a href="mailto:freeswitch-sec@tron.freeswitch.org">freeswitch-sec@tron.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-sec" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-sec</a><br>
<br></blockquote></div><br></div>