I read http://nerdvittles.com/?p=30297 about the Public Facing option where a FQDN is needed to connect to the server.
I like the idea of doing that to make access easy for Softphones on Android.
Part of @wardmundy's writeup is to obfuscate the SSH port. I'm assuming that this is because SSH is now open to the world.
My question is why not combine the FQDN idea with TravelinMan? i.e. Require FQDN to access the server for SIP, but for other protocols require a whitelisted/TravelinMan IP.
This would make it easy for users with cell phones (who may not be technical) and for admin access (me), I can jump through the TravelinMan hoops for SSH. The result should be a more secure server as only SIP is open to the world.
What do you think?
I like the idea of doing that to make access easy for Softphones on Android.
Part of @wardmundy's writeup is to obfuscate the SSH port. I'm assuming that this is because SSH is now open to the world.
My question is why not combine the FQDN idea with TravelinMan? i.e. Require FQDN to access the server for SIP, but for other protocols require a whitelisted/TravelinMan IP.
This would make it easy for users with cell phones (who may not be technical) and for admin access (me), I can jump through the TravelinMan hoops for SSH. The result should be a more secure server as only SIP is open to the world.
What do you think?