[asterisk-users] Securing Asterisk
Steve Edwards
asterisk.org at sedwards.com
Tue Jul 26 14:43:49 CDT 2011
On Tue, 26 Jul 2011, Bruce B wrote:
> After-all, RFC does stand for Referral For Comment as in always open to
> be improved.
Actually, it stands for 'Request' and I don't think Digium or the Asterisk
mailing lists made the request :)
Maybe the proper path is for you to submit a comment to the responsible
parties and see if you can get any traction there.
Failing that, if your unfunded requests for this feature fall on deaf ears
on the mailing list, maybe a bounty would help.
I don't think having each application (Asterisk, SSH, Apache, MySQL, etc.)
handle security in an incompatible way is going to advance the state of
security.
As long as the application can be configured to log what you consider a
security event, you have the ability to implement whichever security
policies make sense to you.
Why do you find the 'fail2ban' and 'iptables' suggestions insufficient?
--
Thanks in advance,
-------------------------------------------------------------------------
Steve Edwards sedwards at sedwards.com Voice: +1-760-468-3867 PST
Newline Fax: +1-760-731-3000
More information about the asterisk-users
mailing list