[Freeswitch-users] needs some advice to secure my system

Avi Marcus avi at avimarcus.net
Tue Feb 7 18:00:10 MSK 2012


1) Only open ports that are needed, see a list here:
http://wiki.freeswitch.org/wiki/Firewall
2) For linux, fail2ban is.. necessary?
http://wiki.freeswitch.org/wiki/Fail2ban
The DOS filter would have banned those registrations in just a few
seconds...

If you're on *bsd, you can certainly manually block that IP with whatever
firewall is there.

If you're on windows.. there isn't anything like fail2ban as far as I know..

-Avi


On Tue, Feb 7, 2012 at 4:54 PM, Philippe Le Toquin <philippe at ppmt.org>wrote:

> wow!
>
> Not sure I understood all I am afraid.
>
>
> - SIP Origination / Inbound SIP  =  IP range ACL with carrier
>
> Does the above mean to find out the ip of the SIP provider I use and only
> authorising these ones?
>
> /Philippe
>
> On 7 February 2012 09:47, Bob Smith <gb10hkzo-freeswitch at yahoo.co.uk>wrote:
>
>> Hello Philippe,
>>
>> The idea I am currently working towards implementing is :
>>
>> - SIP Origination / Inbound SIP  =  IP range ACL with carrier
>> - User Origination / Devlivery = OpenVPN + SNOM Handsets (they have a
>> built-in OpenVPN client, quite cool !)
>>
>> You can lock down OpenVPN quite tight so it hardly reponds at all to
>> unauthorised requests.
>>
>> I have only just started my testing, but other than some issues with
>> inbound calls and multiple profiles  that I'm trying to iron out at the
>> moment, everything seems to be working ok.
>>
>> Bob
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> 
>> 
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20120207/354d1b10/attachment-0001.html 


Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list