Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Operator » Security recommendation
Vladimir Toncar (Kerio)

Messages: 1696
Karma: 39
Send a private message to this user

I'd like to notify Operator administrators that we are seeing an increased number of SIP password guessing attempts. It's the most common form of attack - scanning for password-less SIP accounts but it is much more frequent. Kerio runs several test Operator servers connected to the public network and the number of password guessing attempts has increased 3-4 times above the usual levels.

If you run an Operator server connected to the public internet, this is what you should check:

* Are your SIP passwords complex enough? The administration GUI generates a complex password whenever you add a new extension, so you can use those.

* Are your limits for password guessing strict enough? If you had a reason to relax them in the past, now it's time to reconsider. Also consider increasing the blocking time - up to several days.


[Updated on: Mon, 14 April 2014 15:09]

Previous Topic: Kerio Operator 2.2.3
Next Topic: Softphone iPhone Ed. ring problem
Goto Forum:

Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Tue Oct 17 02:00:16 CEST 2017

Total time taken to generate the page: 0.00392 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.