<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
I have run into this same problem with win2003. You may need to
check to see if windows 7 has IPSEC service. <br>
If so, you can set up a blocked list in ipsec that you can add ip
addresses to and windows won't let them into your machine. <br>
<br>
Click on Start menu<br>
choose Administrative Tools<br>
choose Services<br>
Find IPSEC Services - double click to open properties - make sure it
is set to Automatic and started.<br>
<br>
You can create the block list by issuing the following commands from
a command window:<br>
<br>
<big>netsh ipsec static add filteraction name=Block action=block<br>
netsh ipsec static add filter filterlist=BlockList
srcaddr=192.168.192.100 dstaddr=me<br>
netsh ipsec static add policy name=Block assign=yes
activatedefaultrule=no<br>
netsh ipsec static add rule name=BlockList policy=Block
filterlist=BlockList filteraction=Block<br>
netsh ipsec static delete filter filterlist=BlockList
srcaddr=192.168.192.100 dstaddr=Me<br>
</big><br>
<br>
create a directory called blockip <br>
<br>
now in notepad create <big>blockip.bat</big> with the following
line in it:<br>
<big>netsh ipsec static add filter filterlist=BlockList srcaddr=%1
dstaddr=me</big><br>
<br>
Now , in notepad, create<big> unblockip.bat</big> with the following
line in it:<br>
<big>netsh ipsec static delete filter filterlist=BlockList
srcaddr=%1 dstaddr=me</big><br>
<br>
<br>
to block ip address 123.123.123.123 type <big>blockip
123.123.123.123 </big> at a command prompt.<br>
<br>
to unblock ip address 123.123.123.123 type <big>unblockip
123.123.123.123 </big> at a command prompt.<br>
<br>
You can use xml_curl to keep track of hit frequency and do the
blocking for you. <br>
<br>
<br>
hope that helps....<br>
jack<br>
<br>
<br>
On 6/13/2012 7:27 PM, ocset wrote:
<blockquote cite="mid:4FD94C26.10800@the800group.com" type="cite">
<pre wrap="">Hi
I have deployed Freeswiitch on windows 7 and since there is no fail2ban
on windows, I was wondering what the real risk is with opening it up to
the internet. If I was to ensure that all users and passwords were
extremely difficult to guess (passwords like "2$53E_d7?^2!3s$"), what
are the risks that I am exposing myself to? Is there a type of DoS for
voip where hackers can just flood my system with requests simply to be
malicious?
There are VB windows scripts available that emulate what fail2ban does
on Linux but I was just wondering whether I really need to implement
this level of security if I can control the password complexity in
Freeswitch.
Thanks
O
_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
<a class="moz-txt-link-abbreviated" href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a>
<a class="moz-txt-link-freetext" href="http://www.freeswitchsolutions.com">http://www.freeswitchsolutions.com</a>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server
<a class="moz-txt-link-freetext" href="http://www.cudatel.com">http://www.cudatel.com</a>
Official FreeSWITCH Sites
<a class="moz-txt-link-freetext" href="http://www.freeswitch.org">http://www.freeswitch.org</a>
<a class="moz-txt-link-freetext" href="http://wiki.freeswitch.org">http://wiki.freeswitch.org</a>
<a class="moz-txt-link-freetext" href="http://www.cluecon.com">http://www.cluecon.com</a>
Join Us At ClueCon - Aug 7-9, 2012
FreeSWITCH-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a>
<a class="moz-txt-link-freetext" href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a class="moz-txt-link-freetext" href="http://lists.freeswitch.org/mailman/options/freeswitch-users">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a class="moz-txt-link-freetext" href="http://www.freeswitch.org">http://www.freeswitch.org</a>
</pre>
</blockquote>
</body>
</html>