[App_rpt-users] New Official Allstar Distribution Released
Leon Zetekoff
wa4zlw at arrl.net
Tue Oct 6 00:10:28 UTC 2015
Hi Steve... Not specifically. Check nerd vittles.com excellent resource.
What's the big deal about getting into current codebase?
Leon
Sent from my Sprint Phone.
----- Reply message -----
From: "Steve Zingman" <szingman at msgstor.com>
To: "Leon Zetekoff" <wa4zlw at backwoodswireless.net>, <app_rpt-users at ohnosec.org>
Subject: [App_rpt-users] New Official Allstar Distribution Released
Date: Mon, Oct 5, 2015 7:40 PM
Leon,
I've heard this before about old Asterisk. Any notes you can point
to detailing security issues in 1.4?
73, Steve N4IRS
On 10/05/2015 06:43 PM, Leon Zetekoff
wrote:
If I can throw in my $0.02
from someone who has worked at a service provider doing managed
services (routers and firewalls) you want to heed NerdUno (Ward
Mundy's) words to never expose Asterisk to the internet, and
especially since this is old ASterisk. You want some sort of
firewall appliance in front of it.
I personally prefer VPN tunnels coming back in but you can get
crafty and do port forwards with unknown ports to like 22 and 80
but there's always that risk of someone catching on. Tunnels are
the safest way to get back inside. You only want to expose only
the ports specifically necessary to do the job.
73 leon wa4zlw
On 10/5/2015 6:17 PM, Bryan Fields
wrote:
On 10/5/15 4:56 PM, David AIf I can
throw inndrzejewski wrote:
This is a bad idea. Root should *never* be allowed to login to a system
remotely. It's better to log in as a normal user and then become root
via su, sudo, etc.
meh, it's more of a local policy thing. I'd prefer it's not
enabled by default, but there are some reasons I could see for
enabling it.
--
Bryan Fields
727-409-1194 - Voice
727-214-2508 - Fax
http://bryanfields.net
_______________________________________________
App_rpt-users mailing list
App_rpt-users at ohnosec.org
http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
To unsubscribe from this list please visit http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button"
You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem.
_______________________________________________
App_rpt-users mailing list
App_rpt-users at ohnosec.org
http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
To unsubscribe from this list please visit http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button"
You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem.
--
"Anything is possible if you don't know what you are talking about."
1st Law of Logic
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.keekles.org/pipermail/app_rpt-users/attachments/20151005/02004438/attachment.html>
More information about the App_rpt-users
mailing list