[CentOS] Asterisk and VOIP was Re: CentOS for non-tech user
Brian Mathis
brian.mathis at gmail.com
Wed Sep 30 22:15:38 UTC 2009
On Wed, Sep 30, 2009 at 5:23 PM, <rb4centos at gmail.com> wrote:
> -----Original Message-----
> From: Brian Mathis
>
> The difference is that CentOS is a general-purpose OS that can be used
> for many things, and has a much bigger installed base. That makes it
> more of a target and would likely be included in scanning tools. A
> custom OS running on a PBX might also have vulnerabilities, but it's
> also probably not a big target because of the diversity of systems out
> there and relative limited utility one would have if such a system
> were compromised.
>
> That you tend to tend to think of it as an "appliance" running the
> phone system does not change the fact that it's actually a full-blown
> server OS with the same issues as other servers.
>
>
> But if you're not connected to the Internet none of of this means anything. CentOS/Asterisk *would* be an appliance under these conditions. There are no "server" vulnerabilities because you're not connected to a LAN.
>
> Apologies if this is unreadable. I'm typing on my Centro and I do that very often.
>
"Not connected to the Internet", and "not connected to a LAN" are very
different things. I doubt VOIP would work if the server was not
connected to a LAN. There could be quite a few things on the LAN,
depending on it's size, such as viruses, malware, and even users doing
scans of the network. Don't assume that "out there" is insecure, and
"in here" is secure. That's one of the biggest mistakes to make when
creating a secure environment.
More information about the CentOS
mailing list