See inline... On Wed, May 11, 2011 at 8:17 AM, Gerald Drouillard <[email protected]>wrote:
> On 5/11/2011 4:29 AM, barisyanar wrote: > > Raised more questions: > > > > 1 - IP Ban: How would this work if the call is made via gateway (e.g. > > Audiocodes). Should we do something with caller ID? > Just like in fail2ban you can choose to whitelist IP's or networks. > Whitelist is a wide open connection for those IP. Blacklist is a flat deny for those IP's. Exceeding rate limits puts an IP into the 'penalty box' where their rate is limited. > > > > 2- Account blocking: Shouldn't this be a generic mechanism including > > also user portal access failures and then password renewal automation > > etc. (Does there exist an issue for this? I don't know ) > Almost all the web only services send a link to your email when you > account is locked any you try to log in. With the link you can reset > your password. We have to think about the 2 kinds of access devices an > maybe have different locks accordingly: > phone > web browser > > > > 3- If we come back to VM; shouldn't there be a warning playback saying > > remaining access numbers during multiple wrong login attempts in > > "short period". > If you wanted to get totally automated, then the system could ask if the > user wants a password reset link sent to their email. > > > > 4- The definition of "short period"? Is it a single call made to VM > > or may it include multiple calls in a "short period"? > I still think we can do all this with more efficient logging to > something like sipxauth.log and use fail2ban to setup all the rules. > The phone service can be treated just like any other public web service. > > > -- > Regards > -------------------------------------- > Gerald Drouillard > Technology Architect > Drouillard& Associates, Inc. > http://www.Drouillard.biz > > _______________________________________________ > sipx-users mailing list > [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-users/ > -- There are 10 kinds of people in this world, those who understand binary and those who don't. [email protected] blog: http://www.sipxecs.info call: sip:[email protected]
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
