[Freeswitch-users] Hacked FreeSWITCH mentioned on the Verge regarding bomb threats
Giovanni Maruzzelli
gmaruzz at gmail.com
Tue Mar 14 23:56:33 MSK 2017
NO, the default password of the demo configuration is just that, a DEFAULT
password of a DEMO configuration.
That is meant to DEMO just OUT OF THE BOX
So, it must stay this way, because it just works, and is a demo
Then, if you put a demo in production, the problem is between the monitor
and the seat, not in the software
On 14 March 2017 at 21:46, David Villasmil <david.villasmil.work at gmail.com>
wrote:
> Make the default password very obscure ramdomized on the fly... that way
> people will be crying because they can't figure out a password instead of
> having noobies hacked :)
>
> On Tue, Mar 14, 2017 at 9:40 PM Mirko Brankovic <mirkobrankovic at gmail.com>
> wrote:
>
>> Indeed ;)
>>
>> On Mar 14, 2017 20:38, "Antonio Silva" <asilva at wirelessmundi.com> wrote:
>>
>> almost... until the user to test set userid = password ... and forget to
>> change it... ops... hacked...
>>
>> it's all about good practices.
>>
>> Regards,
>> António
>>
>> On 03/14/2017 07:39 PM, Mirko Brankovic wrote:
>>
>> Cance default password to uuid(), so every new install will get random
>> one ... Bulletproof :°D
>>
>> On Mar 14, 2017 19:30, "Brian West" <brian at freeswitch.org> wrote:
>>
>> This is exactly what prompted me to put the FOUR LINE CRIT statement when
>> the default password isn't changed along with a 10 second delay before
>> proceeding. Still I see questions posted about the 10 second delay and
>> asking what it means. Not sure how to make it more clear.
>>
>> /b
>>
>>
>> On Tue, Mar 14, 2017 at 1:19 PM, Giovanni Maruzzelli <gmaruzz at gmail.com>
>> wrote:
>>
>> Is nice because they mention FreeSWITCH in the tag of the link, but the
>> link is about FreePBX.
>>
>> Anyway, it's true: if you do not use the standard security practice, and
>> leave your FreeSWITCH with standard password "1234", or maybe you change
>> the standard password to "password", you probably will be hacked, and phone
>> calls will be originated from your FreeSWITCH that you do not want to
>> originate.
>>
>> But, man, that's what you, and me, and anyone is expecting.
>>
>> Also, please do not drive wrong way in the autobahn :))
>>
>> -giovanni
>>
>>
>> On 14 March 2017 at 16:42, Mario G <mario_fs at mgtech.com> wrote:
>>
>> Thought some may be interested in this. I first saw it today via Apple
>> News… Related to tracing bomb threats and Jewish attacks… FreeSWITCH
>> mentioned twice.
>> http://www.theverge.com/2017/3/14/14913118/jcc-bomb-
>> threats-anonymous-phone-calls-pdx-hacking
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
>>
>>
>> --
>>
>> Sincerely,
>>
>> Giovanni Maruzzelli
>> OpenTelecom.IT
>> cell: +39 347 266 56 18
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
>>
>>
>> --
>>
>> *Brian West*
>> brian at freeswitch.org
>>
>> *Twitter: @FreeSWITCH , @briankwest*
>>
>> http://www.freeswitchbook.com
>> http://www.freeswitchcookbook.com
>>
>> Allison prompts for FreeSWITCH:
>>
>> *https://www.gofundme.com/allison-prompts-for-freeswitch*
>> <https://www.gofundme.com/allison-prompts-for-freeswitch>
>>
>> Got Bugs? Report them here <https://freeswitch.org/jira>! | Reddit:
>> /r/freeswitch <https://www.reddit.com/r/freeswitch>
>>
>> *T:*+19184209001 <+1%20918-420-9001> | *F:*+19184209002
>> <+1%20918-420-9002> | *M:*+1918424WEST (9378)
>> *Skype:*briankwest
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services: consulting at freeswitch.orghttp://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Siteshttp://www.freeswitch.orghttp://confluence.freeswitch.orghttp://www.cluecon.com
>>
>> FreeSWITCH-users mailing listFreeSWITCH-users at lists.freeswitch.orghttp://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-usershttp://www.freeswitch.org
>>
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
--
Sincerely,
Giovanni Maruzzelli
OpenTelecom.IT
cell: +39 347 266 56 18
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20170314/5687e903/attachment-0001.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list