[asterisk-dev] Asterisk Network Security Idea (using tcp_wrappers)

Venefax venefax at gmail.com
Sun Mar 29 16:44:33 CDT 2009


Can you elaborate about the "Rsh" problem? Maybe I am a fool and just found
out.
F.A.

-----Original Message-----
From: asterisk-dev-bounces at lists.digium.com
[mailto:asterisk-dev-bounces at lists.digium.com] On Behalf Of Steve Edwards
Sent: Sunday, March 29, 2009 5:32 PM
To: Asterisk Developers Mailing List
Subject: Re: [asterisk-dev] Asterisk Network Security Idea (using
tcp_wrappers)

On Sun, 29 Mar 2009, Joseph Benden wrote:

> I also don't think that we can accept the blame for system admins who
> have not properly learned how to take care of their machines. If they
> are broken into because they left Rsh exposed; is it really our fault?
> If they leave SIP wide open with no password and default context can
> place international calls; is it our fault?

I disagree here.

If some of the recent posts to this list are any indication, Asterisk is 
being deployed by people who have no effing clue.

While distributing default open and vulnerable configurations *may* not
carry any legal responsibility, I feel an ethical responsibility not to 
hand out the pointy scissors to children.

Part of the acceptance factor of an IT product is how its security is
perceived in the "press." If every Asterisk server is vulnerable to script 
kiddies "out of the box," it will earn a reputation that will be difficult 
to overcome.

Thanks in advance,
------------------------------------------------------------------------
Steve Edwards      sedwards at sedwards.com      Voice: +1-760-468-3867 PST
Newline                                             Fax: +1-760-731-3000
