Hi!
I was just testing the digest replay possibilities against Kamailio. (findings:
http://www.kamailio.org/wiki/tutorials/security/kamailio-security#digest_authentication)
It looks that by default (the typical default configs), a SIP replay attack can
be done during 300 seconds (?) .
Now I t
I started the pages, to be found :
http://www.kamailio.org/wiki/tutorials/security/security-threats
http://www.kamailio.org/wiki/tutorials/security/kamailio-security
They are a long from being complete, but it's a start, feel free to
modify/correct/add content!
2013-12-18 davy
> ACK
>
> :)
>
ACK
:)
Op 18-dec.-2013, om 15:30 heeft Daniel-Constantin Mierla
het volgende geschreven:
> Hello,
>
> On 18/12/13 10:53, davy wrote:
>> Cool, I'll spend some time this weekend to have a first stake in the ground
>> on the wiki !
>
> great! Just use namespaces when creating new pages, to hav
Hello,
On 18/12/13 10:53, davy wrote:
Cool, I'll spend some time this weekend to have a first stake in the ground on
the wiki !
great! Just use namespaces when creating new pages, to have a good
structure of the wiki. It can be something under tutorials, such as:
tutorials:security:TITLE
On 12/18/2013 06:11 AM, davy wrote:
But I think two aspects might be very handy. A first would be to list
all the attacks on VoIP networks known to man, and how Kamailio can
help defending on this, with e.g. config snippets, …
A second which I personally find very interesting, is how we can hav
Alex,
Thx for your prompt feedback!
We could conclude that stating something like "This config is the best way to
secure your Kamailio", is a contradictio in terminis ;)
But I think two aspects might be very handy. A first would be to list all the
attacks on VoIP networks known to man, and ho
Davy,
I would also weigh on the side of saying that Kamailio security, even in
a best-practical, common denominator kind of way, is inextricably bound
up in the specificity of how Kamailio is being used, the role it's
playing as a network element, the topology in which it is participating,
et
Awesome :)
Op 18-dec.-2013, om 11:02 heeft "Olle E. Johansson" het
volgende geschreven:
>
> On 18 Dec 2013, at 10:53, davy wrote:
>
>> Cool, I'll spend some time this weekend to have a first stake in the ground
>> on the wiki !
>>
>> It's better to have our security measures being checked
On 18 Dec 2013, at 10:53, davy wrote:
> Cool, I'll spend some time this weekend to have a first stake in the ground
> on the wiki !
>
> It's better to have our security measures being checked by peers than by
> hackers ;)
Thank you, Davy!
When you've got a template, ping me. I can send out i
Cool, I'll spend some time this weekend to have a first stake in the ground on
the wiki !
It's better to have our security measures being checked by peers than by
hackers ;)
Op 18-dec.-2013, om 09:33 heeft Daniel-Constantin Mierla
het volgende geschreven:
> Hello,
>
> On 17/12/13 17:27, d
Hello,
On 17/12/13 17:27, davy wrote:
Hi all,
we all enjoy our FAIL2BAN and snippets of our Kamailio config when we see it successfully
fight off the "friendly-scanner", and multiple futile attempts to fool our
systems. But it got me thinking…
What is a sufficient level of security on our Ka
Hi all,
we all enjoy our FAIL2BAN and snippets of our Kamailio config when we see it
successfully fight off the "friendly-scanner", and multiple futile attempts to
fool our systems. But it got me thinking…
What is a sufficient level of security on our Kamailio machinery… ? Are we all
just doin
12 matches
Mail list logo
