By Date:	<-- -->
By Thread:	<-- -->

Anyone see this?

From: "Senad Jordanovic" <senad (at) bicom.us>
Date: Fri, 16 Jun 2006 11:38:43 +0100

asterisk-users-bounces (at) lists.digium.com wrote:
> On Fri, Jun 16, 2006 at 08:57:02AM +0100, Senad Jordanovic wrote:
>> asterisk-users-bounces (at) lists.digium.com wrote:
>>> Dunno if anyone else has seen this yet:
>>>
>>
http://www.scmagazine.com/us/news/article/563800/vulnerabilities+put+asteris
>> k+telephone+systems+risk/
>>
>> we do not run asterisk (or any other critical services including
>> PBXware) as root on the host as normal process.
>> we are using chroot with very limited set of tools and non-root
>> operation. so ... it is much more secure.
>
> Well, that protects the rest of the system from a potential problem
> with Asterisk. But not the rest of the network. Not to mention that
> it does not protect the PBX itself.
>
> A good practice, nontheless.

of course, but other than that one cannot do much more without going into
IDS services.


_______________________________________________
--Bandwidth and Colocation provided by Easynews.com --

Asterisk-Users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

References:
- Anyone see this?
  - From: Tzafrir Cohen <tzafrir.cohen (at) xorcom.com>

Prev by Date: DTMF when using g.729
Next by Date: Queues and hangup caller on Agent hangup
Previous by thread: Anyone see this?
Next by thread: Cisco 7936 Conference Phone - SIP or SCCP?
Index(es):
- Main
- Thread