[Asterisk-Users] Security audit scripts

Matt Riddell matt.riddell at sineapps.com
Thu Jan 13 22:28:28 MST 2005


Ray Jender wrote:
> Are there security concerns with the * application software?
> I know there are with the Linux installation.

:-)

You should always be concerned with security.  Not to say that Asterisk 
has any security problems (it is audited regularly).

If you are administering network boxes you should really read up on 
network security.

That said, most of your security concerns are going to come from 
applications which are running by default on your distro.

You should really go through every application running on your box and 
decide a) whether you need it and b) what settings you really need.

You should also really decide on a security policy for your network. 
What kind of firewalls are you going to run, what's inside, what's 
outside, what applications are your users allowed to run, should you be 
running and IDS (Intrusion Detection System).

And last but not least (once you are happy that your current system is 
secure) subscribe to bugtraq, and check on 
http://packetstormsecurity.org/ for new releases.

:-)

Or you could just employ a security consultant...

But, if you have the time, it's worth learning!

:-)

-- 
Cheers,

Matt Riddell
_______________________________________________

http://www.sineapps.com/news.php (Daily Asterisk News - html)
http://www.sineapps.com/rssfeed.php (Daily Asterisk News - rss)



More information about the asterisk-users mailing list