[Freeswitch-users] Security - IPtables, Fail2Ban, Rate Limit ..

Sean Devoy sdevoy at bizfocused.com
Tue Sep 24 17:36:50 UTC 2019


This likely does not apply to most VSPs, but our clients are confined to about 10 IPs and our upstream provider has about 6.  The only solution I found is to block everything but these.

However, before that fix, I found that EVERY attempt to hack in was via IP address.  We use the multidomain setup, so no number at ipaddress will ever work; they must be @<fqdn>.

From: FreeSWITCH-users <freeswitch-users-bounces at lists.freeswitch.org> On Behalf Of Lloyd Aloysius
Sent: Tuesday, September 24, 2019 8:27 AM
To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org>
Subject: [Freeswitch-users] Security - IPtables, Fail2Ban, Rate Limit ..

Recently I have seen lots of attacks and am trying to protect the system. I am currently using iptables and fail2ban, but it is not enough. I see that the following page explains rate limiting.

https://freeswitch.org/confluence/display/FREESWITCH/Security


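# Trixter's SIP rate limiter (This helps protect you from DoS attacks)
# -m limit matches packets that are within the rate, so accept those and
# reject whatever exceeds it.
iptables -A INPUT -p udp --dport 5060 -i eth0 -m limit --limit 5/s --limit-burst 5 -j ACCEPT
iptables -A INPUT -p udp --dport 5060 -i eth0 -j REJECT
iptables -A INPUT -p udp --dport 5080 -i eth0 -m limit --limit 5/s --limit-burst 5 -j ACCEPT
iptables -A INPUT -p udp --dport 5080 -i eth0 -j REJECT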

What is the best limit for 500 phones? Is there any other best practice to protect the system against DoS attacks?

Thanks
Lloyd
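
The observation in the reply above, that scan traffic addresses the server by IP while legitimate multidomain clients use @<fqdn>, can be turned into a detection check. The sketch below is an added example, not code from this thread or from FreeSWITCH; the function names and the sample packets are constructed, and it assumes raw SIP messages with their source address are available (for instance from a packet capture).

```python
import ipaddress
import re

# Host part of a sip:/sips: URI: optional user@, then a bracketed IPv6
# literal or a host token that ends before :port, ;params, > or whitespace.
SIP_URI_HOST = re.compile(r"sips?:(?:[^@\s>;]*@)?(\[[^\]]+\]|[^:;>\s]+)", re.I)

def uri_host(text):
    """Return the host of the first SIP URI in text, or None."""
    m = SIP_URI_HOST.search(text)
    return m.group(1).strip("[]").lower() if m else None

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def addressed_by_ip(raw_sip):
    """True when the Request-URI or To header names an IP, not a domain."""
    lines = raw_sip.replace("\r\n", "\n").split("\n")
    hosts = [uri_host(lines[0])]                     # Request-Line
    for line in lines[1:]:
        if not line:                                 # blank line ends the headers
            break
        name, _, value = line.partition(":")
        if name.strip().lower() in ("to", "t"):      # "t" is the compact form
            hosts.append(uri_host(value))
    return any(h is not None and is_ip_literal(h) for h in hosts)

def suspicious_sources(packets):
    """packets: iterable of (source_ip, raw_sip); returns sorted source IPs."""
    return sorted({src for src, raw in packets if addressed_by_ip(raw)})

# Constructed sample traffic: documentation IP ranges and example.com only.
SAMPLE = [
    ("198.51.100.23", "REGISTER sip:203.0.113.10 SIP/2.0\r\n"
                      "To: <sip:100@203.0.113.10>\r\n\r\n"),
    ("192.0.2.44", "REGISTER sip:pbx.example.com SIP/2.0\r\n"
                   "To: <sip:1001@pbx.example.com>\r\n\r\n"),
    ("198.51.100.77", "INVITE sip:15550100@203.0.113.10:5060;transport=udp SIP/2.0\r\n"
                      "t: <sip:15550100@203.0.113.10>\r\n\r\n"),
]

if __name__ == "__main__":
    print(suspicious_sources(SAMPLE))
```

The returned source addresses are candidates for a fail2ban jail or a firewall drop list; on a server that is not multidomain, clients may legitimately register by IP, so the check only fits setups like the one described.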