[asterisk-users] Is there a need to secure RTP ports?
Sebastian Arcus
shop at open-t.co.uk
Wed Jan 23 11:20:51 CST 2013
I have an Asterisk server with one SIP trunk to a SIP provider. As my
server registers with the SIP provider, I don't have any SIP ports open
at my end to the Internet. However, I have the RTP ports open (as SIP
has some trouble with my NAT). My question is - what are the
vulnerabilities in this scenario at my end? I suppose some
man-in-the-middle or eavesdropping attack is always a possibility - but
that aside, is there anything that will attack RTP ports on Asterisk
when there are no SIP ports open? I was looking into installing fail2ban
- until I realised that there is no SIP port exposed for an attacker to
poke at.
Searching on Google for "secure RTP ports" keeps on bringing up results
about SRTP - which is not exactly the answer to my question.
Thank you
More information about the asterisk-users
mailing list