[asterisk-users] Call Termination Provider Madness
Steve Edwards
asterisk.org at sedwards.com
Wed Oct 3 11:06:35 CDT 2012
On Wed, 3 Oct 2012, Chris Nighswonger wrote:
> You are right that an open port is an open port, but trying keeping the
> crowd out of 10000 doors is *much* harder than trying to keep them out
> of 100 doors.
Especially since the cost of checking those additional 9,900 doors is so
high.
An open port is not a security issue if nobody is listening. It's not the
size of the port range that's important, it's the robustness of the
service that is listening.
Limiting the number of potential attackers is much more productive than
limiting the size of the port range.
Not to skewer anybody's homeland, but if you block China, both Koreas,
Iran, Iraq, Kuwait and any other geographic area you don't expect
legitimate traffic from, the volume of attacks will decrease by orders of
magnitude.
--
Thanks in advance,
-------------------------------------------------------------------------
Steve Edwards sedwards at sedwards.com Voice: +1-760-468-3867 PST
Newline Fax: +1-760-731-3000
More information about the asterisk-users
mailing list