It IS possible to use windows 7 powershell scripts run on a schedule to dynamically add and remove firewall rules, it's something a firend and I did before for RDP. The RDP version is here:
<a href="http://www.jonsdocs.org.uk/wiki/index.php/PSLogonFailures">http://www.jonsdocs.org.uk/wiki/index.php/PSLogonFailures</a> <div><br></div><div>I'm sure with a little tweaking it can be made to work with freeswitch log files.<br>
<br><div class="gmail_quote">On 14 June 2012 11:58, Anton Kvashenkin <span dir="ltr"><<a href="mailto:anton.jugatsu@gmail.com" target="_blank">anton.jugatsu@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
For example, you don't need to open 5060 port to a whole world, just 5090 (the port you use for connecting road warriors). <a href="http://wiki.freeswitch.org/wiki/Nat" target="_blank">http://wiki.freeswitch.org/wiki/Nat</a>
<a href="http://wiki.freeswitch.org/wiki/External_profile" target="_blank">http://wiki.freeswitch.org/wiki/External_profile</a> <div class="HOEnZb"><div class="h5"><br><br><div class="gmail_quote">2012/6/14 ocset <span dir="ltr"><<a href="mailto:ocset@the800group.com" target="_blank">ocset@the800group.com</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
Anton<br>
<br>
I know nothing about ext-rtp-ip and ext-sip-ip. Could you please
explain how this will help in making the system more secure?<br>
<br>
Thanks<span><font color="#888888"><br>
O <br></font></span><div><div>
<br>
On 14/06/12 16:27, Anton Kvashenkin wrote:
<blockquote type="cite">I would suggest to create separate profile for remote
workers. For example, external-road-warrios. So you can play with
ext-rtp-ip and ext-sip-ip.<br>
<br>
<div class="gmail_quote">2012/6/14 Peter Olsson <span dir="ltr"><<a href="mailto:peter.olsson@visionutveckling.se" target="_blank">peter.olsson@visionutveckling.se</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I use both
Windows and Linux systems. As long as you know how to manage
both systems, there is not a big difference when it comes to
exploits and general security (not anymore anyway, if you use
current versions). I would say that the biggest issue here is
the knowledge of the people managing the systems. And it's
usually more secure to manage a system that you know, then a
system you don't know much about, even though that system is
considered to be more secure.<br>
<br>
Lots has happened since Windows 95 :)<br>
<br>
Anyway, for this kind of setup I would also prefer Linux, but
mostly for the possibilites with fail2ban etc, which doesn't
exist on Windows. I'm thinking of writiling something similar
for Windows, hopefully I get som time for that soon...<br>
<br>
/Peter<br>
<br>
14 jun 2012 kl. 07:51 skrev "Muhammad Shahzad" <<a href="mailto:shaheryarkh@googlemail.com" target="_blank">shaheryarkh@googlemail.com</a><mailto:<a href="mailto:shaheryarkh@googlemail.com" target="_blank">shaheryarkh@googlemail.com</a>>>:<br>
<div><br>
I would strongly suggest to move your production system to
Linux, which is by far secure and controllable then Windows.
Right now, if somebody does not breaks into your voip setup
using some bruteforce / DOS attack, s/he can still exploit
some hole in Windows to crack your security. Windows is
simply not secure enough to production grade performance.<br>
<br>
Thank you.<br>
<br>
<br>
</div>
<div>On Thu, Jun 14, 2012 at 6:39 AM, Avi Marcus
<<a href="mailto:avi@avimarcus.net" target="_blank">avi@avimarcus.net</a><mailto:<a href="mailto:avi@avimarcus.net" target="_blank">avi@avimarcus.net</a>>>
wrote:<br>
That's not necessarily the best kind of password... see <a href="http://xkcd.com/936/" target="_blank">http://xkcd.com/936/</a> and then <a href="http://tech.dropbox.com/?p=165" target="_blank">http://tech.dropbox.com/?p=165</a><br>
<br>
-Avi<br>
<br>
<br>
<br>
</div>
<div>On Thu, Jun 14, 2012 at 6:23 AM, jay binks
<<a href="mailto:jaybinks@gmail.com" target="_blank">jaybinks@gmail.com</a><mailto:<a href="mailto:jaybinks@gmail.com" target="_blank">jaybinks@gmail.com</a>>>
wrote:<br>
> Strong passwords are a great start, but fail2ban does a
little more than<br>
> this.<br>
><br>
> you could move off port 5060 to something
un-conventional, meaning your less<br>
> likely to get scanned / brute forced.<br>
><br>
> Jay<br>
><br>
</div>
<div>> On 14 June 2012 12:27, ocset <<a href="mailto:ocset@the800group.com" target="_blank">ocset@the800group.com</a><mailto:<a href="mailto:ocset@the800group.com" target="_blank">ocset@the800group.com</a>>>
wrote:<br>
>><br>
>> Hi<br>
>><br>
>> I have deployed Freeswiitch on windows 7 and since
there is no fail2ban<br>
>> on windows, I was wondering what the real risk is
with opening it up to<br>
>> the internet. If I was to ensure that all users and
passwords were<br>
>> extremely difficult to guess (passwords like
"2$53E_d7?^2!3s$"), what<br>
>> are the risks that I am exposing myself to? Is
there a type of DoS for<br>
>> voip where hackers can just flood my system with
requests simply to be<br>
>> malicious?<br>
>><br>
>> There are VB windows scripts available that emulate
what fail2ban does<br>
>> on Linux but I was just wondering whether I really
need to implement<br>
>> this level of security if I can control the
password complexity in<br>
>> Freeswitch.<br>
>><br>
>> Thanks<br>
>> O<br>
>><br>
>><br>
>>
_________________________________________________________________________<br>
>> Professional FreeSWITCH Consulting Services:<br>
</div>
>> <a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><mailto:<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a>><br>
<div>>> <a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
>><br>
>> FreeSWITCH-powered IP PBX: The CudaTel
Communication Server<br>
>> <a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
>><br>
>> Official FreeSWITCH Sites<br>
>> <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
>> <a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
>> <a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
>><br>
>> Join Us At ClueCon - Aug 7-9, 2012<br>
>><br>
>> FreeSWITCH-users mailing list<br>
</div>
>> <a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><mailto:<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a>><br>
<div>>> <a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
>> UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
>> <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
><br>
><br>
><br>
><br>
> --<br>
> Sincerely<br>
><br>
> Jay<br>
><br>
>
_________________________________________________________________________<br>
> Professional FreeSWITCH Consulting Services:<br>
</div>
> <a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><mailto:<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a>><br>
<div>> <a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
><br>
> FreeSWITCH-powered IP PBX: The CudaTel Communication
Server<br>
> <a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
><br>
> Official FreeSWITCH Sites<br>
> <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
> <a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
> <a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
><br>
> Join Us At ClueCon - Aug 7-9, 2012<br>
><br>
> FreeSWITCH-users mailing list<br>
</div>
> <a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><mailto:<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a>><br>
<div>> <a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
> UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
> <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
><br>
<br>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
</div>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><mailto:<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a>><br>
<div><a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
Join Us At ClueCon - Aug 7-9, 2012<br>
<br>
FreeSWITCH-users mailing list<br>
</div>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><mailto:<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a>><br>
<div><a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br>
<br>
<br>
<br>
--<br>
Muhammad Shahzad<br>
-----------------------------------<br>
CISCO Rich Media Communication Specialist (CRMCS)<br>
CISCO Certified Network Associate (CCNA)<br>
Cell: <a href="tel:%2B92%20334%20422%2040%2088" value="+923344224088" target="_blank">+92 334 422 40 88</a><br>
</div>
MSN: <a href="mailto:shari_786pk@hotmail.com" target="_blank">shari_786pk@hotmail.com</a><mailto:<a href="mailto:shari_786pk@hotmail.com" target="_blank">shari_786pk@hotmail.com</a>><br>
Email: <a href="mailto:shaheryarkh@googlemail.com" target="_blank">shaheryarkh@googlemail.com</a><mailto:<a href="mailto:shaheryarkh@googlemail.com" target="_blank">shaheryarkh@googlemail.com</a>><br>
!DSPAM:4fd978c432761360223007!<br>
<div>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
</div>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><mailto:<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a>><br>
<div><a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
Join Us At ClueCon - Aug 7-9, 2012<br>
<br>
FreeSWITCH-users mailing list<br>
</div>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><mailto:<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a>><br>
<div><a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br>
<br>
</div>
!DSPAM:4fd978c432761360223007!<br>
<div>
<div><br>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication
Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
Join Us At ClueCon - Aug 7-9, 2012<br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
</div>
</div>
</blockquote>
</div>
<br>
<br>
<fieldset></fieldset>
<br>
<pre>_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a>
Official FreeSWITCH Sites
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a>
Join Us At ClueCon - Aug 7-9, 2012
FreeSWITCH-users mailing list
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
</pre>
</blockquote>
</div></div></div>
<br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
Join Us At ClueCon - Aug 7-9, 2012<br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br>
</div></div><br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
Join Us At ClueCon - Aug 7-9, 2012<br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br><b>Andrew Cassidy BSc (Hons) MBCS SSCA</b><div>Managing Director<div><div><img src="http://c1170247.r47.cf3.rackcdn.com/emailsig.png"><br></div><div><br><div>
<b style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">T</a> </b>03300 100 960
<b style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">F</a> </b>03300 100 961</div>
<div><b style="text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">E</a> </b><a href="mailto:andrew@cassidywebservices.co.uk" target="_blank">andrew@cassidywebservices.co.uk</a></div>
<div><b style="text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">W</a> </b><a href="http://www.cassidywebservices.co.uk" target="_blank">www.cassidywebservices.co.uk</a></div>
</div></div></div><br>
</div>