[asterisk-users] Is this doable?
Gordon Messmer
yinyang at eburg.com
Mon Feb 6 22:15:53 CST 2012
On 02/06/2012 03:29 PM, Josh wrote:
>> Your description sounds almost entirely like the existing call
>> screening, so I'm pretty sure you'll be able to accomplish it. Start
>> with call screening, and modify that to suit your needs.
> It is indeed. This is already implemented in Asterisk I take it then? If
> so, brilliant news!
More or less. I don't know if it's easy to trigger for specific caller
ID values, or for none. You might need to to a little customization,
but something mostly like what you describe is present.
>> No... binding to 0.0.0.0 isn't a security risk. Typically applications
>> bind to a specific address so that a single host can have multiple
>> addresses, and an application or multiple applications can bind to
>> specific addresses to implement virtual hosting.
> I disagree. Binding to 0.0.0.0 allows connections to be made from all
> interfaces (provided the routing allows it, of course) - see my previous
> post as I do not wish to repeat myself here. I do not wish to solely
> rely on iptables/netfilter/other means if I can constrain Asterisk to
> the interfaces it is supposed to be using.
Is there some kind of attack that you believe is possible on one
interface that isn't on the other? I can't conceive of any way that
making your service available on additional addresses increases your
vulnerability.
More information about the asterisk-users
mailing list