[Freeswitch-users] Brute-force attack

Jack jack at livecall.com
Thu Jun 14 09:43:57 MSD 2012 

I have run into this same problem with win2003.  You may need to check 
to see if windows 7 has IPSEC service.
If so, you can set up a blocked list in ipsec that you can add ip 
addresses to and windows won't let them into your machine.

Click on Start menu
choose Administrative Tools
choose Services
Find IPSEC Services - double click to open properties - make sure it is 
set to Automatic and started.

You can create the block list by issuing the following commands from a 
command window:

netsh ipsec static add filteraction name=Block action=block
netsh ipsec static add filter filterlist=BlockList 
srcaddr=192.168.192.100 dstaddr=me
netsh ipsec static add policy name=Block assign=yes activatedefaultrule=no
netsh ipsec static add rule name=BlockList policy=Block 
filterlist=BlockList filteraction=Block
netsh ipsec static delete filter filterlist=BlockList 
srcaddr=192.168.192.100 dstaddr=Me


create a directory called blockip

now in notepad  create blockip.bat with the following line in it:
netsh ipsec static add filter filterlist=BlockList srcaddr=%1 dstaddr=me

Now , in notepad, createunblockip.bat with the following line in it:
netsh ipsec static delete filter filterlist=BlockList srcaddr=%1 dstaddr=me


to block ip address 123.123.123.123  type blockip 123.123.123.123      
at a command prompt.

to unblock ip address 123.123.123.123  type unblockip 123.123.123.123 
      at a command prompt.

You can use xml_curl to keep track of hit frequency and do the blocking 
for you.


hope that helps....
jack


On 6/13/2012 7:27 PM, ocset wrote:
> Hi
>
> I have deployed Freeswiitch on windows 7 and since there is no fail2ban
> on windows, I was wondering what the real risk is with opening it up to
> the internet. If I was to ensure that all users and passwords were
> extremely difficult to guess (passwords like "2$53E_d7?^2!3s$"), what
> are the risks that I am exposing myself to? Is there a type of DoS for
> voip where hackers can just flood my system with requests simply to be
> malicious?
>
> There are VB windows scripts available that emulate what fail2ban does
> on Linux but I was just wondering whether I really need to implement
> this level of security if I can control the password complexity in
> Freeswitch.
>
> Thanks
> O
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> Join Us At ClueCon - Aug 7-9, 2012
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20120613/059a8671/attachment.html

Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list