Tag Archives: security

fail2ban for playSMS

This is how to use fail2ban to protect playSMS from invalid logins. Invalid logins can come from bots specifically programmed to guess playSMS passwords. Correctly configured fail2ban will ban/block/reject IP of users/attackers when playSMS got too many invalid logins in short period of time.

Please note that the actual ban is done by iptables, or whatever action command used by fail2ban.

Continue reading

Secure Chat

A few days ago I wrote an article about ejabberd 16 installation and basic configuration on CentOS 6.7, and I missed one part where I should wrote the configuration of SSL certificates. You’ll need that to encrypt your chat sessions.

This article has three parts:

  • Part 1: Prepare SSL Certificate
  • Part 2: Adjust Configuration
  • Part 3: Reload Configuration

The goal is to get the installed ejabberd, preferably installed by following my ejabberd installation howto, to provide secure, encrypted, chat sessions.

Let’s just do it.

Continue reading

Secure Calling with Asterisk

In VoIP network with Asterisk being the server or SIP proxy the secure calling can be achieved by enabling TLS to encrypt the signalling and enabling SRTP or ZRTP to encrypt the media or data/voice. Once implemented SIP UA, softphone or IP phone, can be set to use TLS instead of UDP or TCP as it’s transport. The advantage of choosing TLS is that the SIP traffic exchanged between SIP UA and Asterisk will be encrypted, it means it will take a considerable amount of time and effort for the Man in The Middle to decrypt it without the encryption key, if not possible.

Below are screenshots of CSipSimple (Free and Open Source SIP softphone on Android) calling the other party and having end-to-end encryption during the call with Asterisk as the server:

tls_zrtp_sas_confirmation tls_zrtp_sas_confirmed

Continue reading