> > Are there security concerns with the * application software? > > I know there are with the Linux installation. > > :-) > > You should always be concerned with security. Not to say that Asterisk > has any security problems (it is audited regularly). > > If you are administering network boxes you should really read up on > network security. > > That said, most of your security concerns are going to come from > applications which are running by default on your distro. > > You should really go through every application running on your box and > decide a) whether you need it and b) what settings you really need.
This has sort of been discussed before on the list, but I'd suggest there is a much larger security issue running asterisk resulting from the implementor not understanding "contexts". I'm not talking about problems with the code, but rather experience level. Those with a fair amount of * experience know/understand the use of default contexts, however the list has seen many many posts where the implementor is having trouble making things work as expected and a fair number of those have something to do with the proper use of contexts. As with any I/T system, layered security is important including the underlying OS, apps (including *), the network itself, etc. However, there are many systems residing directly on the Internet and none of us have any issues when the systems are properly secured. _______________________________________________ Asterisk-Users mailing list [email protected] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
