Chapter 4. VoIP Security
VoIP and FreeSWITCH security is a multi-layered area. You need to take care of all and each of those layers, because it is the weakest link that defines the strength of the chain.
We will not touch here on the issues related to general computer security. We will focus instead only on specific FreeSWITCH and VoIP best practices. Please note that if you have root access to your server via the Internet with a password "12345678", all the following specific measures will do little good.
In this chapter, we will cover:
- Best practices to secure and protect FreeSWITCH
- Fail2ban configuration
- Encryption of SIP signaling, fraud prevention
- Encryption of RTP audio, privacy, and confidentiality
- Certificates in WebRTC and WebSockets (DTLS, mod_verto)
