[CentOS] Asterisk and VOIP was Re: CentOS for non-tech user

Thu Oct 1 18:46:54 UTC 2009
Rob Kampen <rkampen at kampensonline.com>

Ron Blizzard wrote:
> On Wed, Sep 30, 2009 at 5:15 PM, Brian Mathis <brian.mathis at gmail.com> wrote:
>
>   
>> "Not connected to the Internet", and "not connected to a LAN" are very
>> different things.  I doubt VOIP would work if the server was not
>> connected to a LAN.  There could be quite a few things on the LAN,
>> depending on it's size, such as viruses, malware, and even users doing
>> scans of the network.  Don't assume that "out there" is insecure, and
>> "in here" is secure.  That's one of the biggest mistakes to make when
>> creating a secure environment.
>>     
>
> You're right. I was thinking like a phone tech -- that the VOIP
> system's wiring was still separate from the regular LAN.
>
>   
Just to set your minds at ease (or not).
I have a separate D-Link switch that does PoE (to power the snom phones) 
and vlans and set it up so that all the phones are on one vlan called VOIP.
The * server single eth0 is also on this vlan, but does also belong to 
the rest of the office on another vlan called LAN.
So - the snom phones (linux based) can only see the * server.
The * server can see the rest of the LAN - so in theory anyone on the 
local LAN can scan and see the CentOS based * server.
We are however a very small office and I get to see all connected PCs in 
action.
As I have some questions about SIP security I was not prepared to have 
the snom phones in any way being accessible to / from the LAN (let alone 
the internet).
Tks for comments and suggestions.
Rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rkampen.vcf
Type: text/x-vcard
Size: 121 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20091001/b803b5a9/attachment-0005.vcf>