On 02/07/2012 09:43 AM, Josh wrote:
More or less. I don't know if it's easy to trigger for specific caller
ID values, or for none. You might need to to a little customization,
but something mostly like what you describe is present.
I am glad to see this! Which modules/functions present this
functionality - do you know?
http://www.asterisk.org/astdocs/node66.html
Is there some kind of attack that you believe is possible on one
interface that isn't on the other? I can't conceive of any way that
making your service available on additional addresses increases your
vulnerability.
Of course it does - by making Asterisk service available on, say eth2
(by binding on 0.0.0.0 that is automatically enabled, i.e. Asterisk can
receive packets coming from that interface). This is not what I want.
Yes, I understand that it's not what you want, but that doesn't make it
a security concern. If Asterisk is publicly available on one interface,
making it available on another interface doesn't make you less secure.
It's fine if you want to take that step, but please drop the "everyone
knows this is a security risk" thing. You appear to be alone in that
opinion, and unable to explain why you think it's a security risk.
Moreover, you're speaking for others without warrant or welcome.
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
