[asterisk-users] Binding to 0.0.0.0 a security risk?
Steve Edwards
asterisk.org at sedwards.com
Sun Feb 5 18:43:07 CST 2012
On Sun, 5 Feb 2012, Josh wrote:
> I am a bit baffled though - Asterisk has existed for quite a while now
> and I am not sure why this wasn't implemented sooner - everyone knows
> that using 0.0.0.0 is a security risk.
Why do you see binding to 0.0.0.0 to be a security risk?
If you only have 1 interface, what's the difference?
If you have 2 interfaces, just bind to one or the other.
If you have 3 or more interfaces (or you need to just bind to some
subset), you should have the skills to configure 'iptables.'
Unfortunately, (IIRC) Asterisk does not reply to the same interface
packets are received from which limits the usefulness of multiple
interfaces.
--
Thanks in advance,
-------------------------------------------------------------------------
Steve Edwards sedwards at sedwards.com Voice: +1-760-468-3867 PST
Newline Fax: +1-760-731-3000
More information about the asterisk-users
mailing list