Also, if you ONLY run * on the system, you can lock it down so that the security bugs are pretty much non-exploitable... Ipchains/etc. You don't even HAVE to run ssh or any remote management if you want to to be just like a regular PBX system
Sam -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andrew Kohlsmith Sent: Wednesday, January 07, 2004 5:57 PM To: [EMAIL PROTECTED] Subject: Re: [Asterisk-Users] Re: 911 and lawsuits and redundancy > I need to update my Asterisk server that runs all my phones inorder to > install a kernel update that fixes a security bug. This is something I > would consider happening on a regular basis with a voip enable system, > whereas the traditional system might sit in a closet for 10 years > never being touched. Let's say I don't want to stay at work until 2 am > to reload the system when noone is there. How would you configure and > * system(s so that you could take a system offline during working > hours without taking out all or parts of the system? I don't use SIP for one, and I forward udp/4562 to my * box from the firewall... of course now what happens if you have to upgrade the firewall? :-) I think the basic solution is a cluster. That way you can upgrade in pieces without losing functionality. There are T1 monitoring/switching devices which will let two boxes share a single T1 and "fail over" immediately, although you'll lose the calls in progress. Regards, Andrew _______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users
smime.p7s
Description: S/MIME cryptographic signature
