[Freeswitch-users] SPIT attack and how to strike back
Kristian Kielhofner
kris at kriskinc.com
Thu Apr 21 19:13:24 MSD 2011
On Thu, Apr 21, 2011 at 11:03 AM, mazilo <Nabble at slickdeals.endjunk.com> wrote:
>
> Brian West wrote:
>> the little prick doesn't scan on 5080 yet as far as I know! :P
> OK and that makes sense. When I telnet to both port 5060 and 5080 on my FS,
> it responded. So, I reckon it is safe and better to include both --dport
> 5080 and --dport 5060.
Keep in mind that sipvicious typically (always?) scans using UDP.
FreeSWITCH supports UDP, TCP and TLS (on 5061 if enabled). Telnet is
TCP only so it's not a valid test for exposure to UDP only scans using
sipvicious.
For effective blocking of these attacks block TCP and UDP transports
to 5060 and 5080 if using the default config.
--
Kristian Kielhofner
More information about the FreeSWITCH-users
mailing list