[Asterisk-Users] Plugging Asterisk Security Holes....
Jason Becker
jason.becker at shaw.ca
Wed Mar 24 07:09:43 MST 2004
andrewg at felinemenace.org wrote:
>>Another topic of interest is securing the box itself. Does a firewall
>>(hardware outside of the box or a linux based firewall) suffice the need?
>>
>>
>
>Depends what you are protecting against. If you want to assume some services are
>exploitable, you could try to break some of the exploits by firewalling off all
>ports not used, and prevent all outgoing connections from your box except for
>ports you use on that box. If you use netfilter, you can create rules that
>apply to user-ids as well, so you could allow asterisk more privileges.
>
>
>
Nessus (http://www.nessus.org/) is a great vulnerability assessment tool
one can use to determine if services are exploitable.
Cheers
More information about the asterisk-users
mailing list