[sr-dev] DMQ security
Peter Dunkley
peter.dunkley at crocodilertc.net
Tue Oct 29 11:25:22 CET 2013
Hello,
Are there any options for pushing the traffic through the TLS module?
Regards,
Peter
On 29 October 2013 10:17, Charles Chance <charles.chance at sipcentric.com>wrote:
> Devs,
>
> I'm looking for some advice/opinions.
>
> Regarding security of the dmq messages between kamailios - currently it
> can be achieved by using a separate port (and/or ip) for dmq use and
> locking this down at firewall level. Of course, tls can be used to protect
> the content of the messages over the wire.
>
> So is this enough? Or should I look to implement some kind of
> authentication mechanism as well? Perhaps something as simple as a
> pre-shared key would suffice, assuming the messages are encrypted of
> course. Full digest authentication is way too heavy in my opinion.
>
> Any ideas? Or just leave it up to the user to secure it in network layer?
>
> Cheers,
>
> Charles
>
> www.sipcentric.com
>
> Follow us on twitter @sipcentric <http://twitter.com/sipcentric>
>
> Sipcentric Ltd. Company registered in England & Wales no. 7365592. Registered
> office: Unit 10 iBIC, Birmingham Science Park, Holt Court South, Birmingham
> B7 4EJ.
> _______________________________________________
> sr-dev mailing list
> sr-dev at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
>
>
--
Peter Dunkley
Technical Director
Crocodile RCS Ltd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20131029/4cfefad9/attachment.html>
More information about the sr-dev
mailing list