[Freeswitch-users] freeswitch hack
Michael Collins
msc at freeswitch.org
Wed Feb 20 20:08:35 MSK 2013
On Wed, Feb 20, 2013 at 1:53 AM, Mario Karakanovski <mario at ims.bg> wrote:
> Thanks Ken,****
>
> ** **
>
> It is helpful, but I still think there is some security issue. I’ve double
> check configuration. I’ve try to reproduce the issue trying to do direct
> call (TCP and UDP) or authenticate with invalid user, but everything works
> as expected – calls/authentication was rejected. I’ve decide to log the
> traffic – maybe I will be able to see where is the problem.
>
What "security issue"? You said that they cannot make calls with the
passwords that they've guessed, correct? About the only thing left to do is
set up fail2ban <http://wiki.freeswitch.org/wiki/Fail2ban>and just shut the
door on them when they fail too many times.
-Michael
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130220/f346250a/attachment.html
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list