[asterisk-users] Is this doable?

Gordon Messmer yinyang at eburg.com
Mon Feb 6 22:15:53 CST 2012


On 02/06/2012 03:29 PM, Josh wrote:
>> Your description sounds almost entirely like the existing call
>> screening, so I'm pretty sure you'll be able to accomplish it. Start
>> with call screening, and modify that to suit your needs.
> It is indeed. This is already implemented in Asterisk I take it then? If
> so, brilliant news!

More or less.  I don't know if it's easy to trigger for specific caller 
ID values, or for none.  You might need to to a little customization, 
but something mostly like what you describe is present.

>> No... binding to 0.0.0.0 isn't a security risk. Typically applications
>> bind to a specific address so that a single host can have multiple
>> addresses, and an application or multiple applications can bind to
>> specific addresses to implement virtual hosting.
> I disagree. Binding to 0.0.0.0 allows connections to be made from all
> interfaces (provided the routing allows it, of course) - see my previous
> post as I do not wish to repeat myself here. I do not wish to solely
> rely on iptables/netfilter/other means if I can constrain Asterisk to
> the interfaces it is supposed to be using.

Is there some kind of attack that you believe is possible on one 
interface that isn't on the other?  I can't conceive of any way that 
making your service available on additional addresses increases your 
vulnerability.



More information about the asterisk-users mailing list