[Freeswitch-users] Hacked FreeSWITCH mentioned on the Verge regarding bomb threats

Brian West brian at freeswitch.org
Wed Mar 15 17:09:14 MSK 2017


I do believe Giovanni hit the nail on the head.  And in all honesty it
wouldn't matter what we try to do to protect the end user from themselves,
If they don't fully grasp the concepts and how the security model works
there isn't much more we can do as project to prevent bad deployments with
shady security settings.


/b


On Wed, Mar 15, 2017 at 10:04 AM, Steven Ayre <steveayre at gmail.com> wrote:

> Bundle a dictionary of commonly used passwords and reject the calls if the
> password is on the blacklist? ;)
>
>
> On 14 March 2017 at 18:29, Brian West <brian at freeswitch.org> wrote:
>
>> This is exactly what prompted me to put the FOUR LINE CRIT statement when
>> the default password isn't changed along with a 10 second delay before
>> proceeding.  Still I see questions posted about the 10 second delay and
>> asking what it means. Not sure how to make it more clear.
>>
>> /b
>>
>>
>> On Tue, Mar 14, 2017 at 1:19 PM, Giovanni Maruzzelli <gmaruzz at gmail.com>
>> wrote:
>>
>>> Is nice because they mention FreeSWITCH in the tag of the link, but the
>>> link is about FreePBX.
>>>
>>> Anyway, it's true: if you do not use the standard security practice, and
>>> leave your FreeSWITCH with standard password "1234", or maybe you change
>>> the standard password to "password", you probably will be hacked, and phone
>>> calls will be originated from your FreeSWITCH that you do not want to
>>> originate.
>>>
>>> But, man, that's what you, and me, and anyone is expecting.
>>>
>>> Also, please do not drive wrong way in the autobahn :))
>>>
>>> -giovanni
>>>
>>>
>>> On 14 March 2017 at 16:42, Mario G <mario_fs at mgtech.com> wrote:
>>>
>>>> Thought some may be interested in this. I first saw it today via Apple
>>>> News… Related to tracing bomb threats and Jewish attacks… FreeSWITCH
>>>> mentioned twice.
>>>> http://www.theverge.com/2017/3/14/14913118/jcc-bomb-threats-
>>>> anonymous-phone-calls-pdx-hacking
>>>> ____________________________________________________________
>>>> _____________
>>>> Professional FreeSWITCH Consulting Services:
>>>> consulting at freeswitch.org
>>>> http://www.freeswitchsolutions.com
>>>>
>>>> Official FreeSWITCH Sites
>>>> http://www.freeswitch.org
>>>> http://confluence.freeswitch.org
>>>> http://www.cluecon.com
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/free
>>>> switch-users
>>>> http://www.freeswitch.org
>>>
>>>
>>>
>>>
>>> --
>>>
>>> Sincerely,
>>>
>>> Giovanni Maruzzelli
>>> OpenTelecom.IT
>>> cell: +39 347 266 56 18
>>>
>>> ____________________________________________________________
>>> _____________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>
>>
>>
>> --
>>
>> *Brian West*
>> brian at freeswitch.org
>>
>> *Twitter: @FreeSWITCH , @briankwest*
>>
>> http://www.freeswitchbook.com
>> http://www.freeswitchcookbook.com
>>
>> Allison prompts for FreeSWITCH:
>>
>> *https://www.gofundme.com/allison-prompts-for-freeswitch*
>> <https://www.gofundme.com/allison-prompts-for-freeswitch>
>>
>> Got Bugs? Report them here <https://freeswitch.org/jira>! | Reddit:
>> /r/freeswitch <https://www.reddit.com/r/freeswitch>
>>
>> *T:*+19184209001 <(918)%20420-9001> | *F:*+19184209002 <(918)%20420-9002>
>> | *M:*+1918424WEST (9378)
>> *Skype:*briankwest
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>



-- 

*Brian West*
brian at freeswitch.org

*Twitter: @FreeSWITCH , @briankwest*

http://www.freeswitchbook.com
http://www.freeswitchcookbook.com

Allison prompts for FreeSWITCH:

*https://www.gofundme.com/allison-prompts-for-freeswitch*
<https://www.gofundme.com/allison-prompts-for-freeswitch>

Got Bugs? Report them here <https://freeswitch.org/jira>! | Reddit:
/r/freeswitch <https://www.reddit.com/r/freeswitch>

*T:*+19184209001 | *F:*+19184209002 | *M:*+1918424WEST (9378)
*Skype:*briankwest
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20170315/d5bd106e/attachment.html 


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list