On Tue, Mar 10, 2009 at 7:15 AM, Trixter aka Bret McDanel < [email protected]> wrote:
> On Tue, 2009-03-10 at 04:52 -0400, [email protected] wrote: > > Of course everyone running Asterisk can get 3 humans to monitor the logs > > 24/7 for the signs of an attack. > > > > well if they do it right they dont have to do that, but that does make a > good argument of why no one should monitor their logs ever, oh wait no > it doesnt. > > > > > Has anyone actually seen an attack with spoofed IPs anyways? > > yes, several in fact. I even wrote a program that would "smurf" from > asterisk and other platforms which relied on spoofed IPs to get the > asterisk box to send data to the victim IP, so I am fairly certain that > such things do exist. > > > -- > Trixter http://www.0xdecafbad.com Bret McDanel > pgp key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x8AE5C721 > I think nat=yes mitigates these security risks (and makes things MUCH easier to configure and maintain.) Logic seems sound and I have never had any issues with remote or local phones, so I still vote nat=yes becomes the default. http://www.mail-archive.com/[email protected]/msg214006.html -- Thanks, Steve Totaro +18887771888 (Toll Free) +12409381212 (Cell) +12024369784 (Skype)
_______________________________________________ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-biz mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-biz
