>From a security perspective, has anyone found reason to restrict the
ports that GnuGk uses?  I'm assuming that opening UDP 1025-65535,
TCP/1719 and TCP/1720 to the internet is all that's required for full
functionality?

Also, it appears that the status port (7000) binds to all interfaces.
Is there a configuration switch to only allow it to bind to a
particular interface or IP address?  In a dual-nic proxy situation, it
would be better to not even listen to the external port, even with
appropriate firewall rules in place.  I use multiple secondary
addresses on my external NIC and each of them are listening to 1720
and 7000.

Jan, would you consider a doc patch that details the ports and the
traffic direction that needs to be configured for firewalls?

Direction        TCP/UDP          port(s)         Purpose
In                   TCP                 1720            Control port
(etc)

------------------------------------------------------------------------------
RSA® Conference 2012
Save $700 by Nov 18
Register now!
http://p.sf.net/sfu/rsa-sfdev2dev1
_______________________________________________________

Posting: mailto:Openh323gk-users@lists.sourceforge.net
Archive: 
http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users
Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users
Homepage: http://www.gnugk.org/

Reply via email to