Open paulmenzel opened 7 months ago
Change the default ports for starters.
XMPP clients will get the info via XEP-0215.
The DFN-CERT sent the warning below for our STUN server
We got the same email :smile:
Unfortunately, there's no proper fix, as:
As for workarounds, the only general recommendation is the one @licaon-kter mentioned, i.e. using a non-standard port. I guess the DFN-CERT might still discover you, but chances are the script kiddies won't. I was indeed pondering adding this hint to the documentation.
The DFN-CERT sent the warning below for our STUN server:
As I am ignorant about these things, could a security section be added to the README, describing what risks are to be weighed?