<div dir="ltr">1) Only open ports that are needed, see a list here: <a href="http://wiki.freeswitch.org/wiki/Firewall">http://wiki.freeswitch.org/wiki/Firewall</a><div>2) For linux, fail2ban is.. necessary? <a href="http://wiki.freeswitch.org/wiki/Fail2ban">http://wiki.freeswitch.org/wiki/Fail2ban</a></div>
<div>The DOS filter would have banned those registrations in just a few seconds...</div><div><br></div><div>If you're on *bsd, you can certainly manually block that IP with whatever firewall is there.</div><div><br></div>
<div>If you're on windows.. there isn't anything like fail2ban as far as I know..</div><div><br></div><div><div dir="ltr"><span style="font-family:Verdana,Arial,Helvetica,sans-serif"><span style="font-size:small">-Avi</span></span></div>
<br><br><div class="gmail_quote">On Tue, Feb 7, 2012 at 4:54 PM, Philippe Le Toquin <span dir="ltr"><<a href="mailto:philippe@ppmt.org">philippe@ppmt.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
wow!<br><br>Not sure I understood all I am afraid.<div class="im"><br><br><div>- SIP Origination / Inbound SIP = IP range ACL with carrier</div><br></div>Does the above mean to find out the ip of the SIP provider I use and only authorising these ones?<br>
<br>/Philippe<br><br><div class="gmail_quote"><div><div class="h5">On 7 February 2012 09:47, Bob Smith <span dir="ltr"><<a href="mailto:gb10hkzo-freeswitch@yahoo.co.uk" target="_blank">gb10hkzo-freeswitch@yahoo.co.uk</a>></span> wrote:<br>
</div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5">
<div><div style="font-size:12pt;font-family:times new roman,new york,times,serif"><div>Hello Philippe,</div><div><br></div><div>The idea I am currently working towards implementing is :</div><div><br></div><div>- SIP Origination / Inbound SIP = IP range ACL with carrier</div>
<div>- User Origination / Devlivery = OpenVPN + SNOM Handsets (they have a built-in OpenVPN client, quite cool !)</div><div><br></div><div>You can lock down OpenVPN quite tight so it hardly reponds at all to unauthorised requests.</div>
<div><br></div><div>I have only just started my testing, but other than some issues with inbound calls and multiple profiles that I'm trying to iron out at the moment, everything seems to be working ok.</div><span><font color="#888888"><div>
<br></div><div>Bob<br></div></font></span></div></div><br></div></div>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br>
<br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br></div></div>