[Asterisk-Users] Survey: Grandstream improvements.........
John Brown (CV)
jmbrown at chagresventures.com
Wed Oct 22 06:59:43 MST 2003
On Wed, Oct 22, 2003 at 02:24:57PM +0100, WipeOut wrote:
> >> Here is another thought that I haven't heard mentioned...
> >>
> >> How about changing the TFTP upgrade in favour of HTTP upgrades and
> >> config file retrieval.. I am sure almost everyone has an HTTP server
> >> available to them but I doubt many have a TFTP server available.. I
> >> think this would help many people.. If you agree reply.. :)
>
> > Virtually every linux distribution I know of has TFTP as part of the
> > distribution, or is easily available as an add on. It is trivial to
> > set up, has very low overhead and a small footprint.
> >
> I still think HTTP is a better option.. There is far more control
> available in terms of securing it especially when the description of the
> package says " TFTP provides very little security, and should not be
> enabled unless it is expressly needed."..
>
right, adding HTTPS and HTTP to the boot loader would cause that
to inflate and possibly be to big to deal with.
so enable tftp and put a couple of ipfw statements on the box
to limit who can tftp from/to you.
when tftp says it provides little security, that should really
say tftp provides little to no authentication, ie it doesn't
ask for a uid/pwd.
http is a bad idea imho. I don't want to have to carry around
a web server on my laptop, or have to have my customers config
a web server to deal with updating their phone.
More information about the asterisk-users
mailing list