[App_rpt-users] New Official Allstar Distribution Released

[Leon Zetekoff]

If I can throw in my $0.02

from someone who has worked at a service provider doing managed services 
(routers and firewalls) you want to heed NerdUno (Ward Mundy's) words to 
never expose Asterisk to the internet, and especially since this is old 
ASterisk. You want some sort of firewall appliance in front of it.

I personally prefer VPN tunnels coming back in but you can get crafty 
and do port forwards with unknown ports to like 22 and 80 but there's 
always that risk of someone catching on. Tunnels are the safest way to 
get back inside. You only want to expose only the ports specifically 
necessary to do the job.

73 leon wa4zlw

On 10/5/2015 6:17 PM, Bryan Fields wrote:
> On 10/5/15 4:56 PM, David AIf I can throw inndrzejewski wrote:
>> This is a bad idea.  Root should*never*  be allowed to login to a system
>> remotely.  It's better to log in as a normal user and then become root
>> via su, sudo, etc.
> meh, it's more of a local policy thing.  I'd prefer it's not enabled 
> by default, but there are some reasons I could see for enabling it.
>
> -- 
> Bryan Fields
>
> 727-409-1194 - Voice
> 727-214-2508 - Fax
> http://bryanfields.net
>
>
> _______________________________________________
> App_rpt-users mailing list
> App_rpt-users at ohnosec.org
> http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
>
> To unsubscribe from this list please visit http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button"
> You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.keekles.org/pipermail/app_rpt-users/attachments/20151005/b2a2b740/attachment.html>