[Freeswitch-users] Brute-force attack
Gabriel Gunderson
gabe at gundy.org
Thu Jun 14 22:13:33 MSD 2012
On Wed, Jun 13, 2012 at 8:27 PM, ocset <ocset at the800group.com> wrote:
> If I was to ensure that all users and passwords were
> extremely difficult to guess (passwords like "2$53E_d7?^2!3s$"), what
> are the risks that I am exposing myself to? Is there a type of DoS for
> voip where hackers can just flood my system with requests simply to be
> malicious?
If you happen to be using mod_xml_curl for your directory look ups,
the dumb dictionary attack can really hurt. If you have strong
passwords, it might not be them getting access to the system that
you'll need to worry about. It's more likely getting your web and db
servers hammered that you'll need to worry about :)
Gabe
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list