[Asterisk-Users] reboot polycom 1.4.1

Rich Adamson radamson at routers.com
Thu Feb 10 21:21:29 MST 2005


> > Quota from the polycom admin guide document,
> > So it could be a potential DOS attack problem if set to 1.
> > 
> 
> Correct me if I am wrong - but the potential for a DoS attack would only 
> be if an untrusted user is able to gain access to the asterisk server 
> and the CLI to run commands? Or somehow hijack the SIP session coming 
> from the server? Just trying to understand the security implications of 
> allowing the phones to be rebooted remotely (which is a big plus imho).

What he meant by that is if polycom is using a registered IP address and
is accessible from the Internet directly, then it only a matter of time
before some evil person will find it and do strange things to it.

If the phone is on a firewall/nat'ed internal network, then its not a
problem.





More information about the asterisk-users mailing list