-----Original Message----- From: Brian Mathis

The difference is that CentOS is a general-purpose OS that can be used for many things, and has a much bigger installed base. That makes it more of a target and would likely be included in scanning tools. A custom OS running on a PBX might also have vulnerabilities, but it's also probably not a big target because of the diversity of systems out there and relative limited utility one would have if such a system were compromised.

That you tend to tend to think of it as an "appliance" running the phone system does not change the fact that it's actually a full-blown server OS with the same issues as other servers. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos