[Freeswitch-users] needs some advice to secure my system
mojo1736 at privatedemail.net
Wed Feb 15 03:04:33 MSK 2012
> As folks have suggested, run SIP on another port to avoid detection,
> and only open your firewall on 5060 for absolute necessities.
Another useful thing - at least in my case - is to configure iptables so
that this ip is completely disabled - i.e. connections (SYNs) from/to
this particular IP address are instantly dropped, no matter what port
this connection requests are made to.
I am employing a long list of banned addresses and instead of getting
1000s of requests/scans after employing this "blacklist" now I have
reduced these scans to just a few per day. Very effective!
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users