Nonsense! I'm a Security Expert (TM) and I say run EVERYthing on your firewall....
And...uh... what was your IP again? ;) N. Steve Prior wrote: >> GNUbie wrote: >> >> >>> By the way, my Asterisk PBX server is also my wireless access point, >>> web server, file server, music server, VPN server, database server, >>> firewall and router. >>> >>> > > Repeat after me - NEVER NEVER NEVER run other servers on your > router/firewall machine!!! That machine needs to be a maximum security > low vulnerability box and running all sorts of stuff on it conflicts > with that. Your web server is probably your weakest link in security, > so I wouldn't put your file server, music server, or database server on > that same box because if someone hacks through some webapp you've > installed (it's happened to me with both the TWiki and awstats packages) > then if they've got root on your web server box you don't want them > messing with the other stuff. > > I know it sounds like overkill, but I see three boxes here: > > 1 - firewall/router > 2 - web server and other public facing services (sendmail for example) > 3 - internal facing services - database, asterisk, file/music server > > Some day when box #2 gets rooted (and it will eventually) you'll thank > me... > > Steve > > > > _______________________________________________ > --Bandwidth and Colocation Provided by http://www.api-digital.com-- > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > _______________________________________________ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
