[asterisk-users] How Secure Is Asterisk
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Wed Oct 22 00:07:39 CDT 2008
On Tue, Oct 21, 2008 at 04:39:14PM -0400, Singer Wang wrote:
> The visual eky in Windows Zfone is good, but it can be broken too. There
> is no way to be 100% secure. Nothing is 100% secure. What you need to
> do is a standard business C/B analysis and based on that determine how
> much security is good enough.
What you need to do first is decide what you actually want to defend
against. If you grow phantom enemies you'll end up doing some silly
things, as in:
http://thedailywtf.com/Articles/For-Security-Purposes,-Of-Course.aspx
Do you want to prevent people from listening to the content of calls?
But even with an encrypted call, someone can tell that a call has
started by the unencrypted handshake.
If this is a trunk between two branches, maybe just set up a VPN.
Again, this is just one specific threat.
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.cohen at xorcom.com
+972-50-7952406 mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com iax:guest at local.xorcom.com/tzafrir
More information about the asterisk-users
mailing list