[VOIPSEC] TLS and Firewalls
Florian Weimer
fw at deneb.enyo.de
Tue Feb 8 16:08:38 CST 2005
* Thorsten Brinkmann:
> securing VoIP (e.g. SIP) with TLS is a nice idea. But how can
> firewalls handle this?
Your SIP gateway has to be part of your firewall, and the necessary
diligence has to be applied when implementing it. Expirence shows
anyway that many protocols (including TLS) are so complex that the
firewalling components handling them share quite a few bugs with the
actual servers (even if no code sharing takes place), or even have
bugs unique to them. There are only very, very few cases in which
more code doesn't result in more security problems, too.
More information about the Voipsec
mailing list