One way to make the system more secure would be by not opening these ports statically in Linux iptables. I have not tested this, but Linux iptables have shipped with ip_nat_sip and ip_conntrack_sip modules since kernel version <a href="http://2.6.18.">2.6.18.</a> With these modules, Linux iptables will act as a SIP-aware NAT that opens the ports dynamically depending on what's exchanged in the signaling.<br>
<br>-- <br>Raj Jain<br><br><br><div class="gmail_quote">On Tue, May 20, 2008 at 4:41 AM, Shaun Wingrin <<a href="mailto:voipsw@gmail.com">voipsw@gmail.com</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Please direct me to any usefull links to help secure my asterisk server once<br>
these ports are opened.<br>
<br>
Thanks<br>
<br>
Shaun<br>
<br>
<br>
_______________________________________________<br>
-- Bandwidth and Colocation Provided by <a href="http://www.api-digital.com" target="_blank">http://www.api-digital.com</a> --<br>
<br>
asterisk-users mailing list<br>
To UNSUBSCRIBE or update options visit:<br>
<a href="http://lists.digium.com/mailman/listinfo/asterisk-users" target="_blank">http://lists.digium.com/mailman/listinfo/asterisk-users</a><br>
</blockquote></div><br><br clear="all"><br>