| View previous topic :: View next topic |
| Author |
Message |
desrae at wildblue.net
Guest
|
 Posted: Wed Feb 27, 2008 9:29 am Post subject: [asterisk-users] best practice |
 |
|
I am setting up an Asterisk server to provide voice messaging in a campus
setting. I am interested in how others have Asterisk set up in regards to
firewalls and web interface access to minimize security risks. |
|
| Back to top |
|
 |
matt at venturevoip.com
Guest
|
| Posted: Sun Mar 09, 2008 10:31 pm Post subject: [asterisk-users] best practice |
|
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
desrae at wildblue.net wrote:
| Quote: | I am setting up an Asterisk server to provide voice messaging in a campus
setting. I am interested in how others have Asterisk set up in regards to
firewalls and web interface access to minimize security risks.
|
Best practice would be to lock it down - allow nothing in or out.
Then work your way back if anything is required.
If it is only needed by you, run it across an OpenVPN tunnel.
If needed by others, require authentication.
If you really need SSH without a VPN, at least move it to a different port.
Bear in mind that any open port will probably get hammered and at some
stage will probably have a security vulnerability.
Don't load modules you don't need (modules.conf)
- --
Kind Regards,
Matt Riddell
Director
_______________________________________________
http://www.venturevoip.com (Great new VoIP end to end solution)
http://www.venturevoip.com/news.php (Daily Asterisk News - html)
http://www.venturevoip.com/newrssfeed.php (Daily Asterisk News - rss)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFH1KumDQNt8rg0Kp4RAjJ9AJ9fHfuR3WnFmfdLYt3UOGnDuYUJyACggYFB
tiBLgsjb4mvZ3XtpJQxaoAY=
=csgx
-----END PGP SIGNATURE----- |
|
| Back to top |
|
|
|
Search
