[Freeswitch-users] freeswitch hack

Michael Collins msc at freeswitch.org
Wed Feb 20 20:08:35 MSK 2013

On Wed, Feb 20, 2013 at 1:53 AM, Mario Karakanovski <mario at ims.bg> wrote:

>  Thanks Ken,****
> ** **
> It is helpful, but I still think there is some security issue. I’ve double
> check configuration. I’ve try to reproduce the issue trying to do direct
> call (TCP and UDP) or authenticate with invalid user, but everything works
> as expected – calls/authentication was rejected. I’ve decide to log the
> traffic – maybe I will be able to see where is the problem.

What "security issue"? You said that they cannot make calls with the
passwords that they've guessed, correct? About the only thing left to do is
set up fail2ban <http://wiki.freeswitch.org/wiki/Fail2ban>and just shut the
door on them when they fail too many times.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130220/f346250a/attachment.html 

Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list