-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [EMAIL PROTECTED] wrote: > I am setting up an Asterisk server to provide voice messaging in a campus > setting. I am interested in how others have Asterisk set up in regards to > firewalls and web interface access to minimize security risks.
:) Best practice would be to lock it down - allow nothing in or out. Then work your way back if anything is required. If it is only needed by you, run it across an OpenVPN tunnel. If needed by others, require authentication. If you really need SSH without a VPN, at least move it to a different port. Bear in mind that any open port will probably get hammered and at some stage will probably have a security vulnerability. Don't load modules you don't need (modules.conf) - -- Kind Regards, Matt Riddell Director _______________________________________________ http://www.venturevoip.com (Great new VoIP end to end solution) http://www.venturevoip.com/news.php (Daily Asterisk News - html) http://www.venturevoip.com/newrssfeed.php (Daily Asterisk News - rss) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH1KumDQNt8rg0Kp4RAjJ9AJ9fHfuR3WnFmfdLYt3UOGnDuYUJyACggYFB tiBLgsjb4mvZ3XtpJQxaoAY= =csgx -----END PGP SIGNATURE----- _______________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
