[asterisk-users] Security - Using Linksys PAP2T from outside with a dynamic IP is there anyway to block all other traffic but those of the PAP2T?
Roger Burton West
roger at firedrake.org
Sat Oct 2 15:32:14 CDT 2010
On Sat, Oct 02, 2010 at 04:09:33PM -0400, bruce bruce wrote:
>Can't I in my ip tables just accept the pap2t.dyndns.org if that is bind to
>the PAP2T? do you think the devices comes in with it's external IP rather
>than the dyndns domain?
Yes. An IP datagram carries only the source and destination IP
addresses, not the DNS names associated with them. Your firewall _may_
be able to accept a DNS name to block or allow rather than an IP
address, but most don't, and doing so makes you vulnerable to DNS
spoofing attacks.
To go further would be thoroughly off-topic for this list.
Roger
More information about the asterisk-users
mailing list