[asterisk-dev] Security Request for discussion: Should sip.conf allowguest=yes be the default
Alexander Harrowell
alexander.harrowell at stlpartners.com
Thu Nov 12 11:11:41 CST 2009
On Thursday 12 November 2009 16:59:40 Alexandre Cavalcante Alencar wrote:
>
> It will be very welcome to change the default insecure behavior to a
> more secure one. But it's not the solution for all the security
> problems out there.
>
Look at the impact Microsoft's decisions to leave various things in an
insecure state by default had on the global Internet community. How many major
botnets would there be had XP shipped with WinFirewall set ON?
Arguably, shipping software designed to be connected to the Internet at one
end and possibly to a telecomms network which is both metered and considered
safety critical at the other without leaving its defaults in a secure state is
irresponsbile.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-dev/attachments/20091112/9a8e54c0/attachment-0001.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part.
Url : http://lists.digium.com/pipermail/asterisk-dev/attachments/20091112/9a8e54c0/attachment-0001.pgp
More information about the asterisk-dev
mailing list