[Freeswitch-users] How to stop SPAM calls?

David Ponzone david.ponzone at ipeva.fr
Mon Aug 23 15:34:54 PDT 2010


You should do that in your firewall.
The quicker you filter, the better.

I would not care much about the RTP traffic.
So you need to filter SIP.
And I would really don't think Vitelity is going to change the IP of  
their softswitch/SBC very often, and if they do, they should tell you.

If Vitelity's IP is X and your SIP port is 5060, what you should do as  
filters is:
allow UDP from X to yourIP:5060 (this will match SIP packets coming  
from Vitelity)
deny UDP from all to yourIP:5060 (this will match malicious SIP packets)
allow UDP from all to all (this will match the RTP traffic and other  
UDP traffic)
and then add your other usual filters

David Ponzone  Direction Technique
email: david.ponzone at ipeva.fr
tel:      01 74 03 18 97
gsm:   06 66 98 76 34

Service Client IPeva
tel:      0811 46 26 26
www.ipeva.fr  -   www.ipeva-studio.com

Ce message et toutes les pièces jointes sont confidentiels et établis  
à l'intention exclusive de ses destinataires. Toute utilisation ou  
diffusion non autorisée est interdite. Tout message électronique est  
susceptible d'altération. IPeva décline toute responsabilité au titre  
de ce message s'il a été altéré, déformé ou falsifié. Si vous n'êtes  
pas destinataire de ce message, merci de le détruire immédiatement et  
d'avertir l'expéditeur.




Le 23/08/2010 à 23:11, Malay Thakershi a écrit :

> That is true. So do I block all other IP in my firewall? Or do I  
> configure that in FreeSwitch? Also, How can be sure my provider's IP  
> to remain same? (I use vitelity)
>
> Please let me know.
>
> On Mon, Aug 23, 2010 at 3:03 PM, David Ponzone  
> <david.ponzone at ipeva.fr> wrote:
> If I understand correctly, you expect calls form PSTN, so only from  
> the known IPs of your provider ?
> You can then filter all other IPs going to your port X (5060, 5080,  
> your mileage may vary).
>
> Also, a call coming to a port you don't use (so not opened) should  
> not have ANY impact.
> It should not even hit the dialplan.
> it should be rejected with ICMP port unreachable by the Windows TCP/ 
> IP stack.
>
> David Ponzone  Direction Technique
> email: david.ponzone at ipeva.fr
> tel:      01 74 03 18 97
> gsm:   06 66 98 76 34
>
> Service Client IPeva
> tel:      0811 46 26 26
> www.ipeva.fr  -   www.ipeva-studio.com
>
> Ce message et toutes les pièces jointes sont confidentiels et  
> établis à l'intention exclusive de ses destinataires. Toute  
> utilisation ou diffusion non autorisée est interdite. Tout message  
> électronique est susceptible d'altération. IPeva décline toute  
> responsabilité au titre de ce message s'il a été altéré, déformé ou  
> falsifié. Si vous n'êtes pas destinataire de ce message, merci de le  
> détruire immédiatement et d'avertir l'expéditeur.
>
>
>
>
> Le 23/08/2010 à 21:47, Malay Thakershi a écrit :
>
>> I am going through documentation but seems iptables can eliminate  
>> calls being made on ports other than required ones.
>>
>> But my server is Windows. How do I run iptables command?
>>
>> Also, could you tell me if I block all incoming ports other than  
>> 5060 and 5061, will my regular inbound calls work?
>>
>> Thank you.
>>
>>
>>
>> 2010/8/23 Brian West <brian at freeswitch.org>
>> David,
>>        No Clue, Never Used It, Can't Say...
>>
>> /b
>>
>> On Aug 23, 2010, at 2:32 PM, David Ponzone wrote:
>>
>> > Brian
>> >
>> > he can't add an ACL with FreePBX ?
>> >
>> > David Ponzone  Direction Technique
>> > email: david.ponzone at ipeva.fr
>> > tel:      01 74 03 18 97
>> > gsm:   06 66 98 76 34
>> >
>> > Service Client IPeva
>> > tel:      0811 46 26 26
>> > www.ipeva.fr  -   www.ipeva-studio.com
>> >
>> > Ce message et toutes les pièces jointes sont confidentiels et  
>> établis à l'intention exclusive de ses destinataires. Toute  
>> utilisation ou diffusion non autorisée est interdite. Tout message  
>> électronique est susceptible d'altération. IPeva décline toute  
>> responsabilité au titre de ce message s'il a été altéré, déformé ou  
>> falsifié. Si vous n'êtes pas destinataire de ce message, merci de  
>> le détruire immédiatement et d'avertir l'expéditeur.
>> >
>> >
>> >
>> >
>> > Le 23/08/2010 à 21:26, Brian West a écrit :
>> >
>> >> Well you're using FreePBX right? The only corse of action you  
>> have is to find out why its crashing and reporting the issue on our  
>> Jira.  Without any more info to go on you're SOL.
>> >>
>> >> http://www.google.com/search?hl=en&client=safari&rls=en&defl=en&q=define:Vishing&sa=X&ei=RstyTO24JI_Znge7-6yNCw&ved=0CBIQkAE
>> >>
>> >> /b
>>
>>
>> _______________________________________________
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>> _______________________________________________
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>
>
> _______________________________________________
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
> _______________________________________________
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20100824/d592baaa/attachment-0001.html 


More information about the FreeSWITCH-users mailing list