> The asterisk wiki states that it needs SIP, IAX2, IAX and RTP open to the > world to work. Is this necessarily true, or does it only need some of these > outgoing? > > I'm concerned as anyone that could guess an extension number&password could > use my server to make outgoing calls. It would help if the extensions had a > netmask/allowable IP setting like the iax.conf file uses, but there isn't one > documented...
Tony, What you open up (and how you restrict access) is really a function of the resources you have available. Example, on some firewalls you can open a ton of ports, but then limit which IP's can actually use them. I think there is a "permit=" statement for sip def's that limit which IP's can use that sip definition. If that's not enough, implement IP tables as another mechanism to restrict access. All depends on what you've got available. Rich _______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
