[Asterisk-Users] Security audit scripts
Matt Riddell
matt.riddell at sineapps.com
Thu Jan 13 22:28:28 MST 2005
Ray Jender wrote:
> Are there security concerns with the * application software?
> I know there are with the Linux installation.
:-)
You should always be concerned with security. Not to say that Asterisk
has any security problems (it is audited regularly).
If you are administering network boxes you should really read up on
network security.
That said, most of your security concerns are going to come from
applications which are running by default on your distro.
You should really go through every application running on your box and
decide a) whether you need it and b) what settings you really need.
You should also really decide on a security policy for your network.
What kind of firewalls are you going to run, what's inside, what's
outside, what applications are your users allowed to run, should you be
running and IDS (Intrusion Detection System).
And last but not least (once you are happy that your current system is
secure) subscribe to bugtraq, and check on
http://packetstormsecurity.org/ for new releases.
:-)
Or you could just employ a security consultant...
But, if you have the time, it's worth learning!
:-)
--
Cheers,
Matt Riddell
_______________________________________________
http://www.sineapps.com/news.php (Daily Asterisk News - html)
http://www.sineapps.com/rssfeed.php (Daily Asterisk News - rss)
More information about the asterisk-users
mailing list