I wondering if anyone knows if is any best practice documentation for securing remote phones?
My biggest concern isn’t the vulnerability of phone call being tapped\listened to but securing my asterisk server so that it’s not compromised and I’m left with a huge telephone bill to cuba or somewhere…
At the moment, all I’m doing is “secure passwords”, Dyndns, and a script running on the server every 5min updating the iptables with updated dnydns. This kind of works ok but not great. It covers peoples home phones but not say… an Ipad or mobile device running a sip client.
So, I’m basically looking for advice to how other people tackle this problem?