[Freeswitch-users] securing sip channel
Avi Marcus
avi at avimarcus.net
Fri Nov 4 00:51:33 MSK 2011
You can use static IP instead of the password, or hard code it in addition
to the password.
But what I think you really want for the registration is "SIPS" via
TLS/SSL: http://wiki.freeswitch.org/wiki/Tls
Actually, this is only to secure it against a registration being sniffed...
which already uses a hash to not send the password in plain text (but can
still be stolen via MITM, e.g. on public wifi).
Do you just want fail2ban to prevent brute forcing the passwords?
http://wiki.freeswitch.org/wiki/Fail2ban
-Avi
On Thu, Nov 3, 2011 at 9:05 PM, Tamer Higazi <th982a at googlemail.com> wrote:
> Hi!
> I am interested to know if there is a way to secure the registration
> against account hacking.
>
> for example, I would create an SIP Account server side, there would be
> the possibility that only users with the static IP-Address could login
> to the assigned account. Is there one other way like kerberos ticket
> authentication or public secret key with ipsec?!
>
>
> For any advise I would thank you
>
>
>
> Tamer
>
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20111103/cfd74b8b/attachment.html
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list