<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
span.hoenzb
        {mso-style-name:hoenzb;}
span.E-MailFormatvorlage18
        {mso-style-type:personal-reply;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-family:"Calibri","sans-serif";
        mso-fareast-language:EN-US;}
@page WordSection1
        {size:612.0pt 792.0pt;
        margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.WordSection1
        {page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=DE link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Our System runs on Windows on a hosted dedicated server since 4 years without problems.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>So I think the choice is not Linux or Windows, the right choice is where you have your knowledge. Windows is also absolute secure if you know which settings are important for a good security.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p>&nbsp;</o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Kind regards<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Erkan<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p>&nbsp;</o:p></span></p><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> freeswitch-users-bounces@lists.freeswitch.org [mailto:freeswitch-users-bounces@lists.freeswitch.org] <b>On Behalf Of </b>Muhammad Shahzad<br><b>Sent:</b> Thursday, June 14, 2012 8:46 AM<br><b>To:</b> FreeSWITCH Users Help<br><b>Subject:</b> Re: [Freeswitch-users] Brute-force attack<o:p></o:p></span></p><p class=MsoNormal><o:p>&nbsp;</o:p></p><p class=MsoNormal style='margin-bottom:12.0pt'>I would strongly suggest to move your production system to Linux, which is by far secure and controllable then Windows. Right now, if somebody does not breaks into your voip setup using some bruteforce / DOS attack, s/he can still exploit some hole in Windows to crack your security. Windows is simply not secure enough to production grade performance.<br><br>Thank you.<br><br><o:p></o:p></p><div><p class=MsoNormal>On Thu, Jun 14, 2012 at 6:39 AM, Avi Marcus &lt;<a href="mailto:avi@avimarcus.net" target="_blank">avi@avimarcus.net</a>&gt; wrote:<o:p></o:p></p><div><p class=MsoNormal>That's not necessarily the best kind of password... see <a href="http://xkcd.com/936" target="_blank">http://xkcd.com/936</a>/ and then <a href="http://tech.dropbox.com/?p=165" target="_blank">http://tech.dropbox.com/?p=165</a><span style='color:#888888'><br><br><span class=hoenzb>-Avi</span></span><o:p></o:p></p><div><div><p class=MsoNormal><br><br><br>On Thu, Jun 14, 2012 at 6:23 AM, jay binks &lt;<a href="mailto:jaybinks@gmail.com" target="_blank">jaybinks@gmail.com</a>&gt; wrote:<br>&gt; Strong passwords are a great start, but fail2ban does a little more than<br>&gt; this.<br>&gt;<br>&gt; you could move off port 5060 to something un-conventional, meaning your less<br>&gt; likely to get scanned / brute forced.<br>&gt;<br>&gt; Jay<br>&gt;<br>&gt; On 14 June 2012 12:27, ocset &lt;<a href="mailto:ocset@the800group.com" target="_blank">ocset@the800group.com</a>&gt; wrote:<br>&gt;&gt;<br>&gt;&gt; Hi<br>&gt;&gt;<br>&gt;&gt; I have deployed Freeswiitch on windows 7 and since there is no fail2ban<br>&gt;&gt; on windows, I was wondering what the real risk is with opening it up to<br>&gt;&gt; the internet. If I was to ensure that all users and passwords were<br>&gt;&gt; extremely difficult to guess (passwords like &quot;2$53E_d7?^2!3s$&quot;), what<br>&gt;&gt; are the risks that I am exposing myself to? Is there a type of DoS for<br>&gt;&gt; voip where hackers can just flood my system with requests simply to be<br>&gt;&gt; malicious?<br>&gt;&gt;<br>&gt;&gt; There are VB windows scripts available that emulate what fail2ban does<br>&gt;&gt; on Linux but I was just wondering whether I really need to implement<br>&gt;&gt; this level of security if I can control the password complexity in<br>&gt;&gt; Freeswitch.<br>&gt;&gt;<br>&gt;&gt; Thanks<br>&gt;&gt; O<br>&gt;&gt;<br>&gt;&gt;<br>&gt;&gt; _________________________________________________________________________<br>&gt;&gt; Professional FreeSWITCH Consulting Services:<br>&gt;&gt; <a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>&gt;&gt; <a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>&gt;&gt;<br>&gt;&gt; FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>&gt;&gt; <a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>&gt;&gt;<br>&gt;&gt; Official FreeSWITCH Sites<br>&gt;&gt; <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>&gt;&gt; <a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>&gt;&gt; <a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>&gt;&gt;<br>&gt;&gt; Join Us At ClueCon - Aug 7-9, 2012<br>&gt;&gt;<br>&gt;&gt; FreeSWITCH-users mailing list<br>&gt;&gt; <a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>&gt;&gt; <a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>&gt;&gt; UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>&gt;&gt; <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>&gt;<br>&gt;<br>&gt;<br>&gt;<br>&gt; --<br>&gt; Sincerely<br>&gt;<br>&gt; Jay<br>&gt;<br>&gt; _________________________________________________________________________<br>&gt; Professional FreeSWITCH Consulting Services:<br>&gt; <a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>&gt; <a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>&gt;<br>&gt; FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>&gt; <a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>&gt;<br>&gt; Official FreeSWITCH Sites<br>&gt; <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>&gt; <a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>&gt; <a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>&gt;<br>&gt; Join Us At ClueCon - Aug 7-9, 2012<br>&gt;<br>&gt; FreeSWITCH-users mailing list<br>&gt; <a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>&gt; <a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>&gt; UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>&gt; <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>&gt;<o:p></o:p></p></div></div></div><p class=MsoNormal style='margin-bottom:12.0pt'><br>_________________________________________________________________________<br>Professional FreeSWITCH Consulting Services:<br><a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br><a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br><br>FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br><a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br><br>Official FreeSWITCH Sites<br><a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br><a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br><a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br><br>Join Us At ClueCon - Aug 7-9, 2012<br><br>FreeSWITCH-users mailing list<br><a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br><a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br><a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><o:p></o:p></p></div><p class=MsoNormal><br><br clear=all><br>-- <br>Muhammad Shahzad<br>-----------------------------------<br>CISCO Rich Media Communication Specialist (CRMCS)<br>CISCO Certified Network Associate (CCNA)<br>Cell: +92 334 422 40 88<br>MSN: <a href="mailto:shari_786pk@hotmail.com">shari_786pk@hotmail.com</a><br>Email: <a href="mailto:shaheryarkh@googlemail.com">shaheryarkh@googlemail.com</a><o:p></o:p></p></div></body></html>