[Asterisk-Users] Can bad person with SIPp attack Asterisk ?
Flynn
el_flynn at lanvik-icu.com
Thu Oct 28 14:54:05 MST 2004
On 10/28/2004, "Patrick" <asterisk at puzzled.xs4all.nl> wrote:
>Absolutely. Some things that come to mind: configure your firewall to
>only accept SIP, IAX2 etc connections from/to IP addresses of the remote
>servers you interact with.
Wouldn't this, though, not be possible when you're running a
public-type service like FWD etc? Unless they know in advance where
their customers are calling from, which I don't think they do.
>I am sure there are more ways to enhance security and would welcome
>further input from the community. Perhaps the info from this threat
>could then be the start of the Asterisk Security Howto document.
>
What would be good is if someone from FWD with a proven track record
would be so kind as to give pointers on how they handle security on
their platforms.
>About running * non-root. Any information how to go about this? How
>would you exactly configure this? What about zaptel & libpri? Apache
>setup for e.g. * & vmail or astcc interaction, CDR registration (file or
>DB) etc.
>
You could start out by looking at
http://voip-info.org/tiki-index.php?page=Asterisk+non-root
Cheers
Flynn
More information about the asterisk-users
mailing list