[Asterisk-Users] Asterisk Security vulnerability report

Steven Critchfield critch at basesys.com
Wed Sep 10 09:06:59 MST 2003


On Wed, 2003-09-10 at 10:51, Olle E. Johansson wrote:
> Lubomir Christov wrote:
> 
> > today I found this security report regarding Asterisk SIP Security.
> > 
> > http://www.securiteam.com/securitynews/5LP0720B5G.html
> > 
> Important information. Why a "silent" patch and no information to the mailing list?
> Security by obscurity :-(
> 
> Let's be open.
> 
> I've added a security page to the Wiki:
> http://www.voip-info.org/tiki-index.php?page=Asterisk+security

Maybe there should also be a link for best practices with respect to
dial plan layout. 

I guess since this is my second comment on the wiki, I should log in and
participate some. Although some of what I have to say I would like to be
thought about, and be "approved" before it gets merged in. 
-- 
Steven Critchfield  <critch at basesys.com>




More information about the asterisk-users mailing list