[Asterisk-Users] Plugging Asterisk Security Holes....

Jason Becker jason.becker at shaw.ca
Wed Mar 24 07:09:43 MST 2004


andrewg at felinemenace.org wrote:

>>Another topic of interest is securing the box itself. Does a firewall
>>(hardware outside of the box or a linux based firewall) suffice the need?
>>    
>>
>
>Depends what you are protecting against. If you want to assume some services are
>exploitable, you could try to break some of the exploits by firewalling off all 
>ports not used, and prevent all outgoing connections from your box except for 
>ports you use on that box. If you use netfilter, you can create rules that
>apply to user-ids as well, so you could allow asterisk more privileges.
>
>  
>
Nessus (http://www.nessus.org/) is a great vulnerability assessment tool 
one can use to determine if services are exploitable.

Cheers



More information about the asterisk-users mailing list