[Freeswitch-users] needs some advice to secure my system

[Josh]

> As folks have suggested, run SIP on another port to avoid detection, 
> and only open your firewall on 5060 for absolute necessities.
>
Another useful thing - at least in my case - is to configure iptables so 
that this ip is completely disabled - i.e. connections (SYNs) from/to 
this particular IP address are instantly dropped, no matter what port 
this connection requests are made to.

I am employing a long list of banned addresses and instead of getting 
1000s of requests/scans after employing this "blacklist" now I have 
reduced these scans to just a few per day. Very effective!