[Freeswitch-users] Brute-force attack

Thu Jun 14 09:46:16 MSD 2012

I would strongly suggest to move your production system to Linux, which is
by far secure and controllable then Windows. Right now, if somebody does
not breaks into your voip setup using some bruteforce / DOS attack, s/he
can still exploit some hole in Windows to crack your security. Windows is
simply not secure enough to production grade performance.

Thank you.

On Thu, Jun 14, 2012 at 6:39 AM, Avi Marcus <avi at avimarcus.net> wrote:

> That's not necessarily the best kind of password... see
> http://xkcd.com/936/ and then http://tech.dropbox.com/?p=165
>
> -Avi
>
>
>
> On Thu, Jun 14, 2012 at 6:23 AM, jay binks <jaybinks at gmail.com> wrote:
> > Strong passwords are a great start, but fail2ban does a little more than
> > this.
> >
> > you could move off port 5060 to something un-conventional, meaning your
> less
> > likely to get scanned / brute forced.
> >
> > Jay
> >
> > On 14 June 2012 12:27, ocset <ocset at the800group.com> wrote:
> >>
> >> Hi
> >>
> >> I have deployed Freeswiitch on windows 7 and since there is no fail2ban
> >> on windows, I was wondering what the real risk is with opening it up to
> >> the internet. If I was to ensure that all users and passwords were
> >> extremely difficult to guess (passwords like "2$53E_d7?^2!3s$"), what
> >> are the risks that I am exposing myself to? Is there a type of DoS for
> >> voip where hackers can just flood my system with requests simply to be
> >> malicious?
> >>
> >> There are VB windows scripts available that emulate what fail2ban does
> >> on Linux but I was just wondering whether I really need to implement
> >> this level of security if I can control the password complexity in
> >> Freeswitch.
> >>
> >> Thanks
> >> O
> >>
> >>
> >>
> _________________________________________________________________________
> >> Professional FreeSWITCH Consulting Services:
> >> consulting at freeswitch.org
> >> http://www.freeswitchsolutions.com
> >>
> >> 
> >> 
> >>
> >> Official FreeSWITCH Sites
> >> http://www.freeswitch.org
> >> http://wiki.freeswitch.org
> >> http://www.cluecon.com
> >>
> >> Join Us At ClueCon - Aug 7-9, 2012
> >>
> >> FreeSWITCH-users mailing list
> >> FreeSWITCH-users at lists.freeswitch.org
> >> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> >> UNSUBSCRIBE:
> http://lists.freeswitch.org/mailman/options/freeswitch-users
> >> http://www.freeswitch.org
> >
> >
> >
> >
> > --
> > Sincerely
> >
> > Jay
> >
> > _________________________________________________________________________
> > Professional FreeSWITCH Consulting Services:
> > consulting at freeswitch.org
> > http://www.freeswitchsolutions.com
> >
> > 
> > 
> >
> > Official FreeSWITCH Sites
> > http://www.freeswitch.org
> > http://wiki.freeswitch.org
> > http://www.cluecon.com
> >
> > Join Us At ClueCon - Aug 7-9, 2012
> >
> > FreeSWITCH-users mailing list
> > FreeSWITCH-users at lists.freeswitch.org
> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> > http://www.freeswitch.org
> >
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> Join Us At ClueCon - Aug 7-9, 2012
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>

-- 
Muhammad Shahzad
-----------------------------------
CISCO Rich Media Communication Specialist (CRMCS)
CISCO Certified Network Associate (CCNA)
Cell: +92 334 422 40 88
MSN: shari_786pk at hotmail.com
Email: shaheryarkh at googlemail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20120614/2cda64dc/attachment.html 