[Asterisk-Users] Cisco phones config over internet

[David Newman]

On Mon, 31 Jan 2005, Mitchel Constantin wrote:

> This doesn't solve the clear text issue, but how about an access list
> based on the mac addresses? That'll secure tftpd a little more.

MAC addresses go away as soon as you have one or more router hops between 
phone and server. ACLs based on IP address would work, though TFTP is 
still by nature an insecure protocol -- no auth or crypto -- and thus 
vulnerable to interception anywhere along the path.

dn
kkkk