<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div>Hello,</div><div><br class=""></div><div>You have to use one of the below options:</div><div><br class=""></div><div><b class=""><u class="">Option1:</u></b></div><div>if you are not allowing another system to access you system without username and password i.e. you make your system as sip gateway for other trusted company, the you can remove the file named “external.xml” under /usr/local/freeswitch/conf/<font face="Menlo" class=""><span style="font-size: 11px;" class="">sip_profiles/, then either restart your instance or run “reload mod_sofia” in fs_cli</span></font></div><div><br class=""></div><div><font face="Menlo" class=""><span style="font-size: 11px;" class=""><b class=""><u class=""><font color="#ff2600" class="">Note</font></u></b> be sure that you take a copy of external.xml before you remove it.</span></font></div><div><font face="Menlo" class=""><span style="font-size: 11px;" class=""><br class=""></span></font></div><div><b class=""><u class="">Option2:</u></b></div><div>add the below line in you external.xml profile mentioned above, this will not allow any external system to login expect if it has been allowed in you ACL list or it has a username/password this will make things little hard, then you may install fail2ban module.</div><div><br class=""></div><div>all cases you need to restart your profiles.</div><div><br class=""></div><div>Thanks,</div><div><br class=""></div><div>Ahmed Habiba</div><div><br class=""><blockquote type="cite" class=""><div class=""><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><div style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; margin: 0px;" class=""><span style="font-family: -webkit-system-font, 'Helvetica Neue', Helvetica, sans-serif; color: rgb(127, 127, 127);" class=""><b class="">From:<span class="Apple-converted-space"> </span></b></span><span style="font-family: -webkit-system-font, 'Helvetica Neue', Helvetica, sans-serif;" class="">Jude Mukundane <<a href="mailto:jude19love@gmail.com" class="">jude19love@gmail.com</a>><br class=""></span></div><div style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; margin: 0px;" class=""><span style="font-family: -webkit-system-font, 'Helvetica Neue', Helvetica, sans-serif; color: rgb(127, 127, 127);" class=""><b class="">Subject:<span class="Apple-converted-space"> </span></b></span><span style="font-family: -webkit-system-font, 'Helvetica Neue', Helvetica, sans-serif;" class=""><b class="">Re: [Freeswitch-users] Suspicious Incoming Calls</b><br class=""></span></div><div style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; margin: 0px;" class=""><span style="font-family: -webkit-system-font, 'Helvetica Neue', Helvetica, sans-serif; color: rgb(127, 127, 127);" class=""><b class="">Date:<span class="Apple-converted-space"> </span></b></span><span style="font-family: -webkit-system-font, 'Helvetica Neue', Helvetica, sans-serif;" class="">February 6, 2016 at 6:50:23 PM GMT+3<br class=""></span></div><div style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; margin: 0px;" class=""><span style="font-family: -webkit-system-font, 'Helvetica Neue', Helvetica, sans-serif; color: rgb(127, 127, 127);" class=""><b class="">To:<span class="Apple-converted-space"> </span></b></span><span style="font-family: -webkit-system-font, 'Helvetica Neue', Helvetica, sans-serif;" class="">FreeSWITCH Users Help <<a href="mailto:freeswitch-users@lists.freeswitch.org" class="">freeswitch-users@lists.freeswitch.org</a>><br class=""></span></div><div style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; margin: 0px;" class=""><span style="font-family: -webkit-system-font, 'Helvetica Neue', Helvetica, sans-serif; color: rgb(127, 127, 127);" class=""><b class="">Reply-To:<span class="Apple-converted-space"> </span></b></span><span style="font-family: -webkit-system-font, 'Helvetica Neue', Helvetica, sans-serif;" class="">FreeSWITCH Users Help <<a href="mailto:freeswitch-users@lists.freeswitch.org" class="">freeswitch-users@lists.freeswitch.org</a>><br class=""></span></div><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""><div dir="ltr" style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class="">Hello Deepika, <div class=""><br class=""></div><div class="">This is common for anyone running FS in the cloud with discoverable ports. Lots of people just run scripts that crawl the internet in search of SIP servers. After getting one they try bogus invites to try and see if they can get calls through - if your server is forwarding to PSTN, you could end up with a bill in thousands of dollars in minutest. In my case, I use a simple IP Table in Ubuntu (more like an access control list) to define allowed and non allowed IPs. </div><div class=""><br class=""></div><div class="">Can someone please elaborate on a measure that inolves config level security because blocking out masses is not goot Internet Citizenry.</div><div class=""><br class=""></div><div class="">Jude</div></div><div class="gmail_extra" style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;"><br class=""><div class="gmail_quote">On Sat, Feb 6, 2016 at 2:24 PM, Deepika Yadav<span class="Apple-converted-space"> </span><span dir="ltr" class=""><<a href="mailto:deepikay@iiitd.ac.in" target="_blank" style="color: rgb(149, 79, 114); text-decoration: underline;" class="">deepikay@iiitd.ac.in</a>></span><span class="Apple-converted-space"> </span>wrote:<br class=""><blockquote class="gmail_quote" style="margin: 0px 0px 0px 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex;"><div dir="ltr" class="">Hi, <div class=""><br class=""></div><div class="">I have microsip installed in my windows configured for one or two SIP accounts for different Freeswitch servers. I am receiving a call from 2022@myPublicIP repeatitively even if I disconnect from all the accounts, these Freeswitch servers are hosted at cloud machine.</div><div class=""><br class=""></div><div class="">Is it a case of hacking the servers. What measures should I take to secure both my servers and system.</div><div class=""><br class=""></div><div class="">Regards,</div><div class="">Deepika</div></div><br class="">_________________________________________________________________________<br class="">Professional FreeSWITCH Consulting Services:<br class=""><a href="mailto:consulting@freeswitch.org" style="color: rgb(149, 79, 114); text-decoration: underline;" class="">consulting@freeswitch.org</a><br class=""><a href="http://www.freeswitchsolutions.com/" rel="noreferrer" target="_blank" style="color: rgb(149, 79, 114); text-decoration: underline;" class="">http://www.freeswitchsolutions.com</a><br class=""><br class="">Official FreeSWITCH Sites<br class=""><a href="http://www.freeswitch.org/" rel="noreferrer" target="_blank" style="color: rgb(149, 79, 114); text-decoration: underline;" class="">http://www.freeswitch.org</a><br class=""><a href="http://confluence.freeswitch.org/" rel="noreferrer" target="_blank" style="color: rgb(149, 79, 114); text-decoration: underline;" class="">http://confluence.freeswitch.org</a><br class=""><a href="http://www.cluecon.com/" rel="noreferrer" target="_blank" style="color: rgb(149, 79, 114); text-decoration: underline;" class="">http://www.cluecon.com</a><br class=""><br class="">FreeSWITCH-users mailing list<br class=""><a href="mailto:FreeSWITCH-users@lists.freeswitch.org" style="color: rgb(149, 79, 114); text-decoration: underline;" class="">FreeSWITCH-users@lists.freeswitch.org</a><br class=""><a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" target="_blank" style="color: rgb(149, 79, 114); text-decoration: underline;" class="">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br class="">UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" target="_blank" style="color: rgb(149, 79, 114); text-decoration: underline;" class="">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br class=""><a href="http://www.freeswitch.org/" rel="noreferrer" target="_blank" style="color: rgb(149, 79, 114); text-decoration: underline;" class="">http://www.freeswitch.org</a><br class=""></blockquote></div><br class=""></div><br style="font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px;" class=""></div></blockquote></div><br class=""></body></html>