[Freeswitch-users] Smack a Hacker context?

Brian Foster bdfoster at endigotech.com
Sat Aug 11 15:41:25 MSD 2012


My servers are constantly getting hit by bots/wankers. It's not that big of
a deal if you know how to take care of it (fail2ban works wonders).
Obscurity is not really security. I've stopped sanitizing my logs for the
server ip's. I just don't care anymore.

Brian Foster
Endigo Computer LLC

Sent from a mobile device.
On Aug 8, 2012 10:56 AM, "Kristian Kielhofner" <kris at kriskinc.com> wrote:

> In 99% of these cases your machine is being hit by a bot (sipvicious,
> etc).  Playing media is only going to waste your bandwidth and CPU
> resources (chances are they're using a rooted machine).  No human will
> ever hear your special message.
>
> Your "adult option" is the best bet.  Drop them, log them, and move on.
>
> On Mon, Aug 6, 2012 at 10:34 PM, Sean Devoy <sdevoy at bizfocused.com> wrote:
> > HI Everyone,
> >
> >
> >
> > I didn’t bother to obliterate my servers real identity from my last
> pastebin
> > post, shame on me.  Of course within 24 hours some a$$hole is trying the
> > default login ids for Freeswitch.  I am not quite a noob here, but this
> > would take me some time to do and I know some of you guys could crank
> this
> > out in minutes.  Of course you all probably have better ideas too.
> >
> >
> >
> > I want to allow the users in the sample Freeswitch config to login – but
> to
> > special context.  In the “special” context, everything they dial plays a
> > recording like “you’re an ass hangup and try again” or perhaps and ear
> > piercing LOUD tone.  Even better would be to dial them every few minutes
> > with the same recording or sound.  Best of all, if we can detect that
> they
> > are on a CISCO 5xx phone, I have a special config file to send them!
> >
> >
> >
> > Anyone got better ideas?  I would love to hear them.
> >
> >
> >
> > I suppose the adult choice would be to gather their external and
> internal ip
> > addresses and report them to their ISP, but that won’t achieve much.
>  Maybe
> > we could build a blacklist and watch for them to connect to the
> Freeswitch
> > conf call.  Then we could all tell them how much we enjoy their efforts.
> >
> >
> >
> > Sean
> >
> >
> > _________________________________________________________________________
> > Professional FreeSWITCH Consulting Services:
> > consulting at freeswitch.org
> > http://www.freeswitchsolutions.com
> >
> > 
> > 
> >
> > Official FreeSWITCH Sites
> > http://www.freeswitch.org
> > http://wiki.freeswitch.org
> > http://www.cluecon.com
> >
> > Join Us At ClueCon - Aug 7-9, 2012
> >
> > FreeSWITCH-users mailing list
> > FreeSWITCH-users at lists.freeswitch.org
> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> > http://www.freeswitch.org
> >
>
>
>
> --
> Kristian Kielhofner
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> Join Us At ClueCon - Aug 7-9, 2012
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20120811/1be52305/attachment.html 


Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list