VoIP Mailing List Archives
Mailing list archives for the VoIP community |
|
| View previous topic :: View next topic |
| Author |
Message |
asterisk.org at sedwar...
Guest
|
 Posted: Wed Jun 11, 2008 10:24 pm Post subject: [asterisk-users] aSTERISK / Vicidial systems over 4MB fiber |
 |
|
On Wed, 11 Jun 2008, Mark Adams wrote:
| Quote: | (I know there are security issues as they have been additional users
created on my server and irc junk was put in the home folder)
|
If the box has been compromised, the only recourse is to erase the drives
and start over. You can't trust anything on the box.
Off the top of my head, this is how I would approach the problem.
1) Identify how the box was compromised. (A client box was recently (last
30 days) hacked. It was an old AAH installed by the client. The hacker
used the default password on the admin account to exploit a buffer
overflow in crond to gain root.)
2) Save any essential data -- and only the data, no executables.
3) Take the box off the Internet.
4) Boot DBAN and let it do it's thing.
5) Install a minimal OS from CD/DVD.
6) Clean up after the install -- turn off services, delete users, delete
packages, add packages, etc.
7) Bring up to current patch level from your private repository.
 Expose the box to the Internet.
9) Cross your fingers and actively monitor the box.
Thanks in advance,
------------------------------------------------------------------------
Steve Edwards sedwards at sedwards.com Voice: +1-760-468-3867 PST
Newline Fax: +1-760-731-3000 |
|
| Back to top |
|
 |
admin at infinity-mark...
Guest
|
| Posted: Thu Jun 12, 2008 3:23 am Post subject: [asterisk-users] aSTERISK / Vicidial systems over 4MB fiber |
|
|
I appreciate the responses thus far but I am looking to find out what type
of security I should implement for the future. Being new to linux, not to
mention asterisk I didn't realize that someone could brute force into the
box and upload crap. With that in mind it seems that I would want to get a
hardware firewall such as a hotbrick or a sonicwall firewall.
My situation seems unique because I am not using a router even at this
point. I was given a sheet of ip addresses and was told just to provision by
devices with the given ip's and they would handle the rest. My devices are
hooked directly to their switch in my location.
This hasn't been an issue up until now because I only had analog (mediatrix
and audiocodes 24 port gateways x 4) connected to the switch. Now I am going
to a software based dialer (i.e. asterisk/ vicidial) and have run into these
problems.
Thanks again,
Mark
-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Steve Edwards
Sent: Wednesday, June 11, 2008 11:25 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] aSTERISK / Vicidial systems over 4MB fiber
On Wed, 11 Jun 2008, Mark Adams wrote:
| Quote: | (I know there are security issues as they have been additional users
created on my server and irc junk was put in the home folder)
|
If the box has been compromised, the only recourse is to erase the drives
and start over. You can't trust anything on the box.
Off the top of my head, this is how I would approach the problem.
1) Identify how the box was compromised. (A client box was recently (last
30 days) hacked. It was an old AAH installed by the client. The hacker
used the default password on the admin account to exploit a buffer
overflow in crond to gain root.)
2) Save any essential data -- and only the data, no executables.
3) Take the box off the Internet.
4) Boot DBAN and let it do it's thing.
5) Install a minimal OS from CD/DVD.
6) Clean up after the install -- turn off services, delete users, delete
packages, add packages, etc.
7) Bring up to current patch level from your private repository.
Expose the box to the Internet.
9) Cross your fingers and actively monitor the box.
Thanks in advance,
------------------------------------------------------------------------
Steve Edwards sedwards at sedwards.com Voice: +1-760-468-3867 PST
Newline Fax: +1-760-731-3000
_______________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users |
|
| Back to top |
|
|
stotaro at totarotechn...
Guest
|
| Posted: Thu Jun 12, 2008 5:40 am Post subject: [asterisk-users] aSTERISK / Vicidial systems over 4MB fiber |
|
|
What services do you need exposed to the internet and on what machines?
Does the fiber just terminate into your "switch" then? What type of
switch? Can you get access to the switch? If so you can probably
create access control lists.
You could put your own router in front to act as a firewall or/and NAT
and add your own ACLs.
As already suggested, turn off all unused services. Do not use some
all in one rolled up ISO such as Trixbox. Change your ssh port.
If at all possible, use OpenVPN (or whatever VPN) to connect all the
machines together, as well as trusted clients then block all traffic
in your ACLs (or firewall) except VPN, NTP, DNS, HTTP, and whatever I
am missing.
BTW I am no security expert. I had a box compromised exactly as you
described but the IRC junk was pegging the CPU, not Asterisk.
Thanks,
Steve
On Thu, Jun 12, 2008 at 4:23 AM, Mark Adams
<admin at infinity-marketing.com> wrote:
| Quote: | I appreciate the responses thus far but I am looking to find out what type
of security I should implement for the future. Being new to linux, not to
mention asterisk I didn't realize that someone could brute force into the
box and upload crap. With that in mind it seems that I would want to get a
hardware firewall such as a hotbrick or a sonicwall firewall.
My situation seems unique because I am not using a router even at this
point. I was given a sheet of ip addresses and was told just to provision by
devices with the given ip's and they would handle the rest. My devices are
hooked directly to their switch in my location.
This hasn't been an issue up until now because I only had analog (mediatrix
and audiocodes 24 port gateways x 4) connected to the switch. Now I am going
to a software based dialer (i.e. asterisk/ vicidial) and have run into these
problems.
Thanks again,
Mark
-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Steve Edwards
Sent: Wednesday, June 11, 2008 11:25 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] aSTERISK / Vicidial systems over 4MB fiber
On Wed, 11 Jun 2008, Mark Adams wrote:
| Quote: | (I know there are security issues as they have been additional users
created on my server and irc junk was put in the home folder)
|
If the box has been compromised, the only recourse is to erase the drives
and start over. You can't trust anything on the box.
Off the top of my head, this is how I would approach the problem.
1) Identify how the box was compromised. (A client box was recently (last
30 days) hacked. It was an old AAH installed by the client. The hacker
used the default password on the admin account to exploit a buffer
overflow in crond to gain root.)
2) Save any essential data -- and only the data, no executables.
3) Take the box off the Internet.
4) Boot DBAN and let it do it's thing.
5) Install a minimal OS from CD/DVD.
6) Clean up after the install -- turn off services, delete users, delete
packages, add packages, etc.
7) Bring up to current patch level from your private repository.
Expose the box to the Internet.
9) Cross your fingers and actively monitor the box.
Thanks in advance,
------------------------------------------------------------------------
Steve Edwards sedwards at sedwards.com Voice: +1-760-468-3867 PST
Newline Fax: +1-760-731-3000
_______________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
_______________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
|
|
|
| Back to top |
|
|
stotaro at totarotechn...
Guest
|
| Posted: Thu Jun 12, 2008 6:12 am Post subject: [asterisk-users] aSTERISK / Vicidial systems over 4MB fiber |
|
|
Then I would think IPtables should work just fine for you. You have
local access to the * box? Even a simple NAT should probably work OK
with a little config tweaking.
Have a look here http://swik.net/iptables+sip
Thanks,
Steve
On Thu, Jun 12, 2008 at 7:03 AM, Mark Adams
<admin at infinity-marketing.com> wrote:
| Quote: | Thanks for the response.
I have a tellabs 8813 switch provided from time warner. No I currently do
not have access to the switch. I am in the process of converting from analog
based dialers using dialogic hardware TO asterisk/ vicidial systems
I am strictly placing sip calls to my termination provider. I do not use the
linux box for anything else. This fiber connection is dedicated to sip g729
calls entirely.
Yes the fiber terminates directly to the switch.
There are 6 analog to voip gateways (audiocodes and mediatrix) and 1
asterisk server. The gateways and 1 asterisk server are connected to the
tellabs switch, security was never an issue because for the last 2 years we
only connected analog to voip gateways to the open fiber connection.
Now we want to get out of the dialogic junk and replace those systems with
asterisk servers. Security has become troublesome while testing the first
50-80 channel server we have.
Our asterisk server has fedora 8, x windows, asterisk 1.4 I believe.
Mark
-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Steve Totaro
Sent: Thursday, June 12, 2008 6:40 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] aSTERISK / Vicidial systems over 4MB fiber
What services do you need exposed to the internet and on what machines?
Does the fiber just terminate into your "switch" then? What type of
switch? Can you get access to the switch? If so you can probably
create access control lists.
You could put your own router in front to act as a firewall or/and NAT
and add your own ACLs.
As already suggested, turn off all unused services. Do not use some
all in one rolled up ISO such as Trixbox. Change your ssh port.
If at all possible, use OpenVPN (or whatever VPN) to connect all the
machines together, as well as trusted clients then block all traffic
in your ACLs (or firewall) except VPN, NTP, DNS, HTTP, and whatever I
am missing.
BTW I am no security expert. I had a box compromised exactly as you
described but the IRC junk was pegging the CPU, not Asterisk.
Thanks,
Steve
On Thu, Jun 12, 2008 at 4:23 AM, Mark Adams
<admin at infinity-marketing.com> wrote:
| Quote: | I appreciate the responses thus far but I am looking to find out what type
of security I should implement for the future. Being new to linux, not to
mention asterisk I didn't realize that someone could brute force into the
box and upload crap. With that in mind it seems that I would want to get a
hardware firewall such as a hotbrick or a sonicwall firewall.
My situation seems unique because I am not using a router even at this
point. I was given a sheet of ip addresses and was told just to provision
|
by
| Quote: | devices with the given ip's and they would handle the rest. My devices are
hooked directly to their switch in my location.
This hasn't been an issue up until now because I only had analog
|
(mediatrix
| Quote: | and audiocodes 24 port gateways x 4) connected to the switch. Now I am
|
going
| Quote: | to a software based dialer (i.e. asterisk/ vicidial) and have run into
|
these
| Quote: | problems.
Thanks again,
Mark
-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Steve
|
Edwards
| Quote: | Sent: Wednesday, June 11, 2008 11:25 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] aSTERISK / Vicidial systems over 4MB fiber
On Wed, 11 Jun 2008, Mark Adams wrote:
| Quote: | (I know there are security issues as they have been additional users
created on my server and irc junk was put in the home folder)
|
If the box has been compromised, the only recourse is to erase the drives
and start over. You can't trust anything on the box.
Off the top of my head, this is how I would approach the problem.
1) Identify how the box was compromised. (A client box was recently (last
30 days) hacked. It was an old AAH installed by the client. The hacker
used the default password on the admin account to exploit a buffer
overflow in crond to gain root.)
2) Save any essential data -- and only the data, no executables.
3) Take the box off the Internet.
4) Boot DBAN and let it do it's thing.
5) Install a minimal OS from CD/DVD.
6) Clean up after the install -- turn off services, delete users, delete
packages, add packages, etc.
7) Bring up to current patch level from your private repository.
Expose the box to the Internet.
9) Cross your fingers and actively monitor the box.
Thanks in advance,
------------------------------------------------------------------------
Steve Edwards sedwards at sedwards.com Voice: +1-760-468-3867 PST
Newline Fax: +1-760-731-3000
_______________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
_______________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
|
_______________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
_______________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
|
|
|
| Back to top |
|
|
tilghman at mail.jeffa...
Guest
|
| Posted: Thu Jun 12, 2008 8:02 am Post subject: [asterisk-users] aSTERISK / Vicidial systems over 4MB fiber |
|
|
On Thursday 12 June 2008 03:23:46 Mark Adams wrote:
| Quote: | I appreciate the responses thus far but I am looking to find out what type
of security I should implement for the future. Being new to linux, not to
mention asterisk I didn't realize that someone could brute force into the
box and upload crap. With that in mind it seems that I would want to get a
hardware firewall such as a hotbrick or a sonicwall firewall.
|
One of the most frequent security issues comes not in the form of a software
flaw, but simply in people choosing easy-to-guess passwords on the root
account. There are two suggestions I have to reduce the risk of this
brute force. First, choose a username that is uncommon. In your case, do not
use 'root', 'admin', or even 'mark'. 'madams' might be a good choice. Once
you figure out that username, configure sshd with the AllowUsers directive to
ONLY allow logins from that user. If you need root access, install sudo. If
an attacker cannot figure out what your username is, then it doesn't matter
even if they guess your password, because they aren't getting in.
And of course, the second part is choosing a secure password, one that
contains mixed case, numbers, letters, and symbols. Don't be afraid to write
down that secure password, as long as you keep it on your person (wallet is a
good choice). 99% of the attackers who might otherwise compromise your
machine will never come within 1000 miles of you. However, your wallet
contains things that are far more valuable than your password (your identity
documents, for example), so it is hoped that you will be able to keep that
password away from people who would otherwise do you harm.
--
Tilghman |
|
| Back to top |
|
|
jra at baylink.com
Guest
|
| Posted: Thu Jun 12, 2008 8:25 am Post subject: [asterisk-users] aSTERISK / Vicidial systems over 4MB fiber |
|
|
On Thu, Jun 12, 2008 at 04:23:46AM -0400, Mark Adams wrote:
| Quote: | My situation seems unique because I am not using a router even at this
point. I was given a sheet of ip addresses and was told just to provision by
devices with the given ip's and they would handle the rest. My devices are
hooked directly to their switch in my location.
This hasn't been an issue up until now because I only had analog (mediatrix
and audiocodes 24 port gateways x 4) connected to the switch. Now I am going
to a software based dialer (i.e. asterisk/ vicidial) and have run into these
problems.
|
This is one of the reasons why VoIP/Internet can be problematic: even
if you have a firewall, you're required to expose your SIP or IAX ports
to the net at large, whether through a firewall, or some sort of
proxy -- which means you're at the mercy of people finding exploits in
Asterisk that they can use to pwn your machine.
Probably the only *really* good approach to this is the one we use here
at Vici: don't let SIP and IAX out of the building. All of our PSTN
connections are via traditional T-1 trunking to IXCs, and all of our
agents are inside the building as well, on T-1/Zap/DAHDI channelbanks.
If I ever do have to put people outside the building, I'll put them on
secure VPNs, and the same if I have to trunk to commercial VoIP
carriers. At the very least in this latter case, I'll IP lock the
incoming connection, if I can't find a carrier that will do VoIP/VPN/Internet.
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra at baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com '87 e24
St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
Those who cast the vote decide nothing.
Those who count the vote decide everything.
-- (Joseph Stalin) |
|
| Back to top |
|
|
jra at baylink.com
Guest
|
| Posted: Thu Jun 12, 2008 8:29 am Post subject: [asterisk-users] aSTERISK / Vicidial systems over 4MB fiber |
|
|
On Thu, Jun 12, 2008 at 07:03:52AM -0400, Mark Adams wrote:
| Quote: | I have a tellabs 8813 switch provided from time warner. No I currently do
not have access to the switch. I am in the process of converting from analog
based dialers using dialogic hardware TO asterisk/ vicidial systems
I am strictly placing sip calls to my termination provider. I do not use the
linux box for anything else. This fiber connection is dedicated to sip g729
calls entirely.
Yes the fiber terminates directly to the switch.
There are 6 analog to voip gateways (audiocodes and mediatrix) and 1
asterisk server. The gateways and 1 asterisk server are connected to the
tellabs switch, security was never an issue because for the last 2 years we
only connected analog to voip gateways to the open fiber connection.
|
Ok, step one: Put a router/firewall behind that tellabs. It should be
the only thing on your premises with a public routable address. Yes,
that will make your SIP configuration a touch more complicated, but
you've already seen the balancing cost...
Go pick up a copy of Firewalls and Internet Security from O'Reilly,
find a quiet corner and a pot of really *hot* tea, and sit and read it,
assuming you can't pay someone else to do this for you.
But don't put *nix application servers directly on the net unless you
really know what you're doing.
And yeah, you're gonna have to wipe that box, as Steve said.
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra at baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com '87 e24
St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
Those who cast the vote decide nothing.
Those who count the vote decide everything.
-- (Joseph Stalin) |
|
| Back to top |
|
|
jra at baylink.com
Guest
|
| Posted: Thu Jun 12, 2008 8:33 am Post subject: [asterisk-users] aSTERISK / Vicidial systems over 4MB fiber |
|
|
On Thu, Jun 12, 2008 at 08:02:24AM -0500, Tilghman Lesher wrote:
| Quote: | On Thursday 12 June 2008 03:23:46 Mark Adams wrote:
| Quote: | I appreciate the responses thus far but I am looking to find out
what type of security I should implement for the future. Being new
to linux, not to mention asterisk I didn't realize that someone
could brute force into the box and upload crap. With that in mind
it seems that I would want to get a hardware firewall such as a
hotbrick or a sonicwall firewall.
|
One of the most frequent security issues comes not in the form of a
software flaw, but simply in people choosing easy-to-guess passwords
on the root account. There are two suggestions I have to reduce the
risk of this brute force. First, choose a username that is uncommon.
In your case, do not use 'root', 'admin', or even 'mark'. 'madams'
might be a good choice. Once you figure out that username, configure
sshd with the AllowUsers directive to ONLY allow logins from that
user.
|
Your phrasing, here, Tilghman, suggests that you mean that the
administrative account should be renamed from root to madams, and I'm
fairly sure you don't actually mean that.
You actually mean "create a regular user, and lock the machine down so
that's the only thing that can be used to log into it, at which point,
when and
| Quote: | If you need root access, install
sudo. If an attacker cannot figure out what your username is, then it
doesn't matter even if they guess your password, because they aren't
getting in.
|
...you can use sudo to get it.
| Quote: | And of course, the second part is choosing a secure password, one that
contains mixed case, numbers, letters, and symbols. Don't be afraid to
write down that secure password, as long as you keep it on your person
(wallet is a good choice). 99% of the attackers who might otherwise
compromise your machine will never come within 1000 miles of you.
However, your wallet contains things that are far more valuable than
your password (your identity documents, for example), so it is hoped
that you will be able to keep that password away from people who would
otherwise do you harm.
|
Two memorable words separated by 2 or 3 digits, with at least one odd
capital, is my usual protocol.
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra at baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com '87 e24
St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
Those who cast the vote decide nothing.
Those who count the vote decide everything.
-- (Joseph Stalin) |
|
| Back to top |
|
|
faxguy at howardsilvan...
Guest
|
| Posted: Thu Jun 12, 2008 10:16 am Post subject: [asterisk-users] aSTERISK / Vicidial systems over 4MB fiber |
|
|
Jay R. Ashworth wrote:
| Quote: | On Thu, Jun 12, 2008 at 08:02:24AM -0500, Tilghman Lesher wrote:
| Quote: | One of the most frequent security issues comes not in the form of a
software flaw, but simply in people choosing easy-to-guess passwords
on the root account. There are two suggestions I have to reduce the
risk of this brute force. First, choose a username that is uncommon.
In your case, do not use 'root', 'admin', or even 'mark'. 'madams'
might be a good choice. Once you figure out that username, configure
sshd with the AllowUsers directive to ONLY allow logins from that
user.
|
Your phrasing, here, Tilghman, suggests that you mean that the
administrative account should be renamed from root to madams, and I'm
fairly sure you don't actually mean that.
You actually mean "create a regular user, and lock the machine down so
that's the only thing that can be used to log into it, at which point,
when and
| Quote: | If you need root access, install
sudo. If an attacker cannot figure out what your username is, then it
doesn't matter even if they guess your password, because they aren't
getting in.
|
...you can use sudo to get it.
|
Never, ever, ever, expose sshd to the public internet without
firewalling. Only let trusted IPs reach sshd. The risk of brute force
success, however small, is still far too great. Again, do not expose
sshd to the general public.
And for that matter... it's generally unwise to expose any service to
the general public when the general public has no business using that
service.
A little bit of time learning some iptables basics will go a long way here.
Thanks,
Lee. |
|
| Back to top |
|
|
admin at infinity-mark...
Guest
|
| Posted: Thu Jun 12, 2008 10:30 am Post subject: [asterisk-users] aSTERISK / Vicidial systems over 4MB fiber |
|
|
Yes it all makes sense, I left it all open so sip traffic could pass. My
experience has only been with analog gateways which well no one would wasn't
to break into or do any of these things too.
Thanks for the sonicwall tip, that was what I was about to buy.
Mark Adams
-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Lee Howard
Sent: Thursday, June 12, 2008 11:16 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] aSTERISK / Vicidial systems over 4MB fiber
Jay R. Ashworth wrote:
| Quote: | On Thu, Jun 12, 2008 at 08:02:24AM -0500, Tilghman Lesher wrote:
| Quote: | One of the most frequent security issues comes not in the form of a
software flaw, but simply in people choosing easy-to-guess passwords
on the root account. There are two suggestions I have to reduce the
risk of this brute force. First, choose a username that is uncommon.
In your case, do not use 'root', 'admin', or even 'mark'. 'madams'
might be a good choice. Once you figure out that username, configure
sshd with the AllowUsers directive to ONLY allow logins from that
user.
|
Your phrasing, here, Tilghman, suggests that you mean that the
administrative account should be renamed from root to madams, and I'm
fairly sure you don't actually mean that.
You actually mean "create a regular user, and lock the machine down so
that's the only thing that can be used to log into it, at which point,
when and
| Quote: | If you need root access, install
sudo. If an attacker cannot figure out what your username is, then it
doesn't matter even if they guess your password, because they aren't
getting in.
|
...you can use sudo to get it.
|
Never, ever, ever, expose sshd to the public internet without
firewalling. Only let trusted IPs reach sshd. The risk of brute force
success, however small, is still far too great. Again, do not expose
sshd to the general public.
And for that matter... it's generally unwise to expose any service to
the general public when the general public has no business using that
service.
A little bit of time learning some iptables basics will go a long way here.
Thanks,
Lee.
_______________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users |
|
| Back to top |
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|
Search
