Security issues with Port 5038

We recently moved our PiaF server from a local computer to a hosted server due to the expansion of our company.

However in order to have our TAPI drivers work properly, I need to expose port 5038 to the outside world.

I have changed the password within manager.conf so it’s not the default password.

My questions are:

  1. What issues can I encounter by simply exposing port 5038?
  2. Can someone hack into our system using port 5038?
  3. All of our remote offices use Dynamic IP addresses but they all have a unique no-ip dynamic DNS name. Is there a way to just allow these DDNS ip addresses?



You should check AST-2011-006, AST-2011-005 and AST-2011-003
Manager credentials are sent in the clear, so you should be using VPN.

Using a VPN would not work in our case because our remote users are already VPNing into our server in the main office.

Is there a way to setup the CentOS firewall so it only allow connections from our offices and not from anywhere else? Or should I try to get the deny/permit options working for that?