David, You could use openvpn to secure the connection. MAC address restrictions are pretty weak and easy to spoof.
Darrick David Kerr wrote: > I would like to permit a softphone on my laptop to connect to my > astlinux box from anywhere in the world. This would mean keeping port > 5060 open, which is a potential security risk? Is there a way to > restrict access by mac address? so that my softphone on *my* laptop can > connect, but no one else's can (even if they know the extension/password. > > Thanks. > David > > On Mon, Nov 10, 2008 at 2:40 PM, Daniel Aeberli <[EMAIL PROTECTED]> > wrote: > > Hi Darrick, > > You right, I had miss-configured my Firewall: I open the voip ports when > I initially was try to my Asterisk trunk working. As I now know, the > trunk goes through a tunnel so I closed them just after my last post and > everything still works (no duh). > > I still need to dig into my config (Firewall and Asterisk), I'm sure I > have other doors wide open why I tried to get things working. > > Many thanks for the reply though. > > Daniel > > > > Darrick Hartman a écrit : > > Daniel, > > > > Not necessarily. It sounds like you have the firewall misconfigured. > > What ports are you opening? You should really only have your ssh > port > > and vpn port open. All others should be closed. How are these > people > > getting in? > > > > Darrick > > > > Daniel Aeberli wrote: > > > >> Sorry, just realised this is more an Astersik general question > than a > >> ASTLinux one ... of to search other forums... > >> > >> Daniel Aeberli a écrit : > >> > >>> Well after the brute force attack ssh login attempts, last > month, I have > >>> an undesirable outsider that successfully made calls from my > ASTlinux > >>> box. I locked out the brute force, by disabling WAN requests, > turning of > >>> WAN ping response and turning off ssh access, but obviously my > box is > >>> not secure. > >>> > >>> I'm not savvy enough to know how to secure by AstLinux box from > outside > >>> callers (hackers). I only use AstLinux to call my parents > AstLinux box > >>> via a VPN trunk over our ADSL lines. All my local calls go via > ISDN line > >>> (since I have to have it for the ADSL link and local call are > free). > >>> > >>> Could someone tell me how to lock outside calls (internet / > ADSL) from > >>> using my ISDN lines? > >>> > >>> Thanks > >>> > >>> Daniel > >>> > >>> > ------------------------------------------------------------------------- > >>> This SF.Net email is sponsored by the Moblin Your Move > Developer's challenge > >>> Build the coolest Linux based applications with Moblin SDK & > win great prizes > >>> Grand prize is a trip for two to an Open Source event anywhere > in the world > >>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ > <http://moblin-contest.org/redirect.php?banner_id=100&url=/> > >>> _______________________________________________ > >>> Astlinux-users mailing list > >>> Astlinux-users@lists.sourceforge.net > <mailto:Astlinux-users@lists.sourceforge.net> > >>> https://lists.sourceforge.net/lists/listinfo/astlinux-users > >>> > >>> Donations to support AstLinux are graciously accepted via > PayPal to [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>. > >>> > >>> > >> > ------------------------------------------------------------------------- > >> This SF.Net email is sponsored by the Moblin Your Move > Developer's challenge > >> Build the coolest Linux based applications with Moblin SDK & win > great prizes > >> Grand prize is a trip for two to an Open Source event anywhere > in the world > >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ > <http://moblin-contest.org/redirect.php?banner_id=100&url=/> > >> _______________________________________________ > >> Astlinux-users mailing list > >> Astlinux-users@lists.sourceforge.net > <mailto:Astlinux-users@lists.sourceforge.net> > >> https://lists.sourceforge.net/lists/listinfo/astlinux-users > >> > >> Donations to support AstLinux are graciously accepted via PayPal > to [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>. > >> > > > > > > > ------------------------------------------------------------------------- > > This SF.Net email is sponsored by the Moblin Your Move > Developer's challenge > > Build the coolest Linux based applications with Moblin SDK & win > great prizes > > Grand prize is a trip for two to an Open Source event anywhere in > the world > > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > <http://moblin-contest.org/redirect.php?banner_id=100&url=/> > > _______________________________________________ > > Astlinux-users mailing list > > Astlinux-users@lists.sourceforge.net > <mailto:Astlinux-users@lists.sourceforge.net> > > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > > > Donations to support AstLinux are graciously accepted via PayPal > to [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>. > > > > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's > challenge > Build the coolest Linux based applications with Moblin SDK & win > great prizes > Grand prize is a trip for two to an Open Source event anywhere in > the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > <http://moblin-contest.org/redirect.php?banner_id=100&url=/> > _______________________________________________ > Astlinux-users mailing list > Astlinux-users@lists.sourceforge.net > <mailto:Astlinux-users@lists.sourceforge.net> > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>. > > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > > > ------------------------------------------------------------------------ > > _______________________________________________ > Astlinux-users mailing list > Astlinux-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to [EMAIL > PROTECTED] ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [EMAIL PROTECTED]
