<div dir="ltr"><div>Here's a start:</div>-fail2ban on DDOS and excessive attempts to register with the wrong password. See the wiki page on fail2ban.<div>-ufw or similar to manage iptables, or iptables (or it's bsd equivalent) to drop everything but these ports: <meta http-equiv="content-type" content="text/html; charset=utf-8"><a href="http://wiki.freeswitch.org/wiki/Firewall">http://wiki.freeswitch.org/wiki/Firewall</a></div>
<div>-ssh - if you use ssh, use keys (with a passphrase?) rather than just plain passwords. I rarely get sip-attacks, but my logs show several SSH brute force attempts each day.</div><div>-Do you have any other users or services running on the server? if they have access to config files, or just to using resources that FS needs, it can compromise the security or just the quality of the call.</div>
<div><br clear="all"><div dir="ltr"><span style="font-family:Verdana, Arial, Helvetica, sans-serif"><span style="font-size:small">-Avi</span></span></div>
<br><br><div class="gmail_quote">On Tue, Oct 18, 2011 at 1:37 PM, Ben Naylor <span dir="ltr"><<a href="mailto:bnaylor@sirran.com">bnaylor@sirran.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div lang="EN-GB" link="blue" vlink="purple"><div><p class="MsoNormal">Hi All<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">I am going live with a Freeswitch server in a couple of weeks, and it will be using a public IP. I am a bit concerned that I may not have tightened security on the box enough to protect it (as best I can) from attack.<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">I have had a look online for something similar to this but a freeswitch version, but can’t find anything - <a href="http://blogs.digium.com/2009/03/28/sip-security/" target="_blank">http://blogs.digium.com/2009/03/28/sip-security/</a><u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Can anyone suggest a list of things I should check before I go live with this server? I have already changed the default password, removed the default user accounts/passwords and removed the external SIP account.<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Any ideas are greatly appreciated, also any links to websites that I may not have found yet.<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">
Thanks for your help!<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Kind regards<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><font color="#888888"><p class="MsoNormal">Ben<u></u><u></u></p>
</font></div></div><br><br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br></div></div>