[Asterisk-Users] reboot polycom 1.4.1
Rich Adamson
radamson at routers.com
Thu Feb 10 21:21:29 MST 2005
> > Quota from the polycom admin guide document,
> > So it could be a potential DOS attack problem if set to 1.
> >
>
> Correct me if I am wrong - but the potential for a DoS attack would only
> be if an untrusted user is able to gain access to the asterisk server
> and the CLI to run commands? Or somehow hijack the SIP session coming
> from the server? Just trying to understand the security implications of
> allowing the phones to be rebooted remotely (which is a big plus imho).
What he meant by that is if polycom is using a registered IP address and
is accessible from the Internet directly, then it only a matter of time
before some evil person will find it and do strange things to it.
If the phone is on a firewall/nat'ed internal network, then its not a
problem.
More information about the asterisk-users
mailing list