Re: Asterisk and VOIP was Re: CentOS for non-tech user

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Ron Blizzard wrote:
>
>>> I do want to do an update of it all to latest versions etc. but when it
>>> just keeps working it is hard to justify the down time and potential
>>> hic-ups.
>> If you are very well firewalled and trust all the local users you might
>> get away with ignoring security updates but it's mostly a matter of
>> luck.  With the stock CentOS components, your downtime for an update is
>> normally just a reboot and problems are extremely rare.  If you'd added
>> custom or 3rd party code items there's a somewhat greater risk, but it
>> is still pretty unlikely that an update would break things - or that you
>> wouldn't have heard about other people having a problem.
> 
> If I understand Rob correctly here, there is actually no need for a
> firewall. He's not on the Internet. He's using analog trunks and SIP
> phones in a closed system. He's basically got a traditional key system
> or PBX switch that just happens to be based on CentOS/Asterisk.
> 
> (Traditional telephone switches have been based on UNIX for years.)

You are still exposed to anything that is on the local LAN - which could 
include other machines that might have been compromised through browser 
exploits, etc. unless the segment only connects to IP phones (and you 
lose the ability to use soft phones).  Linux is less vulnerable to most 
of these than windows would be, but still, if you know there are updates 
to fix known security  issues you are pressing your luck if you don't 
install them.

Phone switches are particularly attractive targets to hackers:
http://nerdvittles.com/index.php?p=580

-- 
   Les Mikesell
    lesmikesell@xxxxxxxxx

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux