[asterisk-users] (Newbie)How to reduce security risks in opening IAX & Sip Ports

Raj Jain rj2807 at gmail.com
Tue May 20 05:46:49 CDT 2008


One way to make the system more secure would be by not opening these ports
statically in Linux iptables. I have not tested this, but Linux iptables
have shipped with ip_nat_sip and ip_conntrack_sip modules since kernel
version 2.6.18. With these modules, Linux iptables will act as a SIP-aware
NAT that opens the ports dynamically depending on what's exchanged in the
signaling.

-- 
Raj Jain


On Tue, May 20, 2008 at 4:41 AM, Shaun Wingrin <voipsw at gmail.com> wrote:

> Please direct me to any usefull links to help secure my asterisk server
> once
> these ports are opened.
>
> Thanks
>
> Shaun
>
>
> _______________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20080520/2996cd19/attachment.htm 


More information about the asterisk-users mailing list