Wiley Siler
2005-Aug-10 12:43 UTC
[Asterisk-Users] Firewall will definately increase jittersinyourvoice conversation
Absolutely. Lokesh, I suggest you go to the Wiki and check out the security issues inherint in the implementation of SIP in Asterisk. http://voip-info.org/tiki-index.php?page=Asterisk%20security http://voip-info.org/tiki-index.php?page=Asterisk+security+dialplan -----Original Message----- From: asterisk-users-bounces@lists.digium.com [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Jonathan k. Creasy Sent: Wednesday, August 10, 2005 12:25 PM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: RE: [Asterisk-Users] Firewall will definately increase jittersinyourvoice conversation Wiley is definitely right. It would be dangerous not to have a firewall for security reasons. -----Original Message----- From: asterisk-users-bounces@lists.digium.com [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Wiley Siler Sent: Wednesday, August 10, 2005 2:27 PM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: RE: [Asterisk-Users] Firewall will definately increase jitters inyourvoice conversation Lokesh, While adding a firewall may add a tiny bit of latency (non-noticeable by the way) it in no way means you are gonna get jitter. An over utilized data line might cause that but a firewall in and of itself will not. I use a Pix to route my VoIP to an ITSP and I could not be happier. To say that using a firewall causes high latency is incorrect. Thanks, Wiley -----Original Message----- From: asterisk-users-bounces@lists.digium.com [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Lokesh kumar Sent: Wednesday, August 10, 2005 10:57 AM To: asterisk-users@lists.digium.com Subject: [Asterisk-Users] Firewall will definately increase jitters in yourvoice conversation Hi, If you will put firewall, then i think you will get high latency and consequently you will hear voice jitter in your conversation. so avoid putting firewall. Regards Lokesh Portugal mail lokeshkumar80@yahoo.co.in ____________________________________________________ Send a rakhi to your brother, buy gifts and win attractive prizes. Log on to http://in.promos.yahoo.com/rakhi/index.html _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Jonathan k. Creasy
2005-Aug-11 06:29 UTC
[Asterisk-Users] Firewall will definately increase jittersinyourvoice conversation
I didn't necessarily mean a separate firewall device, but I wouldn't put a machine out there without a firewall either between it and the net or on it (iptables for example) As far as ""If" I know what I am doing" goes, I have not read the source of everything that *is* required in my environment so how am I to know it's secure enough not to allow for the creation of a backdoor, rootkit or anything else? Therefore, even when I have taken all other security measures I also lock down a box with a firewall. Usually, iptables, not a separate firewall device. -Jonathan -----Original Message----- From: asterisk-users-bounces@lists.digium.com [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Rich Adamson Sent: Wednesday, August 10, 2005 11:58 PM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: RE: [Asterisk-Users] Firewall will definately increase jittersinyourvoice conversation That's a crack of crap sold by the marketing (not sales) people selling firewalls. "If" you know what you're doing, one can very easily secure any linux system to function on the Internet (etc) without a firewall. It all depends on your level of knowledge/skills on how to disable those items that are not really needed in your environment. Start with a 'netstat -a' to identify those ports that are listening, and shut those items down that you don't want exposed. You "can" do the same for any MS system as well. ------------------------> Wiley is definitely right. It would be dangerous not to have afirewall> for security reasons. > > -----Original Message----- > From: asterisk-users-bounces@lists.digium.com > [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Wiley > Siler > Sent: Wednesday, August 10, 2005 2:27 PM > To: Asterisk Users Mailing List - Non-Commercial Discussion > Subject: RE: [Asterisk-Users] Firewall will definately increasejitters> inyourvoice conversation > > Lokesh, > > While adding a firewall may add a tiny bit of latency (non-noticeableby> the way) it in no way means you are gonna get jitter. An overutilized> data line might cause that but a firewall in and of itself will not.I> use a Pix to route my VoIP to an ITSP and I could not be happier. To > say that using a firewall causes high latency is incorrect. > > Thanks, > Wiley > > > > > -----Original Message----- > From: asterisk-users-bounces@lists.digium.com > [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Lokesh > kumar > Sent: Wednesday, August 10, 2005 10:57 AM > To: asterisk-users@lists.digium.com > Subject: [Asterisk-Users] Firewall will definately increase jitters in > yourvoice conversation > > Hi, > > If you will put firewall, then i think you will get high latency and > consequently you will hear voice jitter in your conversation. so avoid > putting firewall. > > Regards > Lokesh > Portugal > mail lokeshkumar80@yahoo.co.in > > > > > > > ____________________________________________________ > Send a rakhi to your brother, buy gifts and win attractive prizes. Log > on to http://in.promos.yahoo.com/rakhi/index.html > _______________________________________________ > Asterisk-Users mailing list > Asterisk-Users@lists.digium.com > http://lists.digium.com/mailman/listinfo/asterisk-users > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > _______________________________________________ > Asterisk-Users mailing list > Asterisk-Users@lists.digium.com > http://lists.digium.com/mailman/listinfo/asterisk-users > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > _______________________________________________ > Asterisk-Users mailing list > Asterisk-Users@lists.digium.com > http://lists.digium.com/mailman/listinfo/asterisk-users > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >---------------End of Original Message----------------- _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Wiley Siler
2005-Aug-11 09:23 UTC
[Asterisk-Users] Firewall will definately increase jittersinyourvoice conversation
The question was not "can I secure a Linux box without a hardware firewall". The question (or statement really) was "will a firewall add jitter and lower performance". That answer is obviously a big NO. Can you secure a Linux (or even Windows) machine by closing ports? Sure. It helps immensely. However, an advantage of hardware is that you are physically separating the traffic from the end point. Sure, all the ports closed on a Linux box can protect that machine. However, having only web (for example) traffic going to your Apache server is really beneficial. The server can focus on delivering pages and not spend any CPU cycles on "is this a good packet? Should I drop it?". A firewall (software or hardware) should also be able to better deal with DOS and things of that nature. Port securing does nothing to assist with DOS. So... You are totally right, you can secure a box that way. However, a firewall (be it software or hardware) is far superior a method. I prefer the hardware method myself as it is a matter of management and additional features. However, for some, a software method may be better. I ran Mandrake SNF (a shorewall implementation) for a long time so I have been there. Considering you can run a Linux firewall on a 386 machine worth $20 makes the fact that so many people don't have firewalls seem just ridiculous. W -----Original Message----- From: asterisk-users-bounces@lists.digium.com [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Rich Adamson Sent: Wednesday, August 10, 2005 8:58 PM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: RE: [Asterisk-Users] Firewall will definately increase jittersinyourvoice conversation That's a crack of crap sold by the marketing (not sales) people selling firewalls. "If" you know what you're doing, one can very easily secure any linux system to function on the Internet (etc) without a firewall. It all depends on your level of knowledge/skills on how to disable those items that are not really needed in your environment. Start with a 'netstat -a' to identify those ports that are listening, and shut those items down that you don't want exposed. You "can" do the same for any MS system as well. ------------------------> Wiley is definitely right. It would be dangerous not to have a > firewall for security reasons. > > -----Original Message----- > From: asterisk-users-bounces@lists.digium.com > [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Wiley > Siler > Sent: Wednesday, August 10, 2005 2:27 PM > To: Asterisk Users Mailing List - Non-Commercial Discussion > Subject: RE: [Asterisk-Users] Firewall will definately increase > jitters inyourvoice conversation > > Lokesh, > > While adding a firewall may add a tiny bit of latency (non-noticeable > by the way) it in no way means you are gonna get jitter. An over > utilized data line might cause that but a firewall in and of itself > will not. I use a Pix to route my VoIP to an ITSP and I could not be > happier. To say that using a firewall causes high latency isincorrect.> > Thanks, > Wiley > > > > > -----Original Message----- > From: asterisk-users-bounces@lists.digium.com > [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Lokesh > kumar > Sent: Wednesday, August 10, 2005 10:57 AM > To: asterisk-users@lists.digium.com > Subject: [Asterisk-Users] Firewall will definately increase jitters in> yourvoice conversation > > Hi, > > If you will put firewall, then i think you will get high latency and > consequently you will hear voice jitter in your conversation. so avoid> putting firewall. > > Regards > Lokesh > Portugal > mail lokeshkumar80@yahoo.co.in > > > > > > > ____________________________________________________ > Send a rakhi to your brother, buy gifts and win attractive prizes. Log> on to http://in.promos.yahoo.com/rakhi/index.html > _______________________________________________ > Asterisk-Users mailing list > Asterisk-Users@lists.digium.com > http://lists.digium.com/mailman/listinfo/asterisk-users > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > _______________________________________________ > Asterisk-Users mailing list > Asterisk-Users@lists.digium.com > http://lists.digium.com/mailman/listinfo/asterisk-users > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > _______________________________________________ > Asterisk-Users mailing list > Asterisk-Users@lists.digium.com > http://lists.digium.com/mailman/listinfo/asterisk-users > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >---------------End of Original Message----------------- _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Apparently Analagous Threads
- Firewall will definately increase jitters inyourvoice conversation
- Firewall will definately increase jitters in your voice conversation
- Help me how to listen voicemail with SIP 7960
- Is it mandatory to give power supply to TDM400P card
- Waring problem with different brand phone