From 3f3a3623c88ee7171f5240ac2267e12d1b63c1e6 Mon Sep 17 00:00:00 2001 From: Alessandro Polidori Date: Thu, 19 Dec 2019 17:41:02 +0100 Subject: [PATCH] turnserver.conf: add --prod section to enhance security --- docker/coturn/turnserver.conf | 9 +++++++++ examples/etc/turnserver.conf | 9 +++++++++ 2 files changed, 18 insertions(+) diff --git a/docker/coturn/turnserver.conf b/docker/coturn/turnserver.conf index c1bf1304..d455dd3f 100644 --- a/docker/coturn/turnserver.conf +++ b/docker/coturn/turnserver.conf @@ -575,6 +575,15 @@ syslog # #stun-only +# Option to hide software version. Enhance security when used in production. +# Revealing the specific software version of the agent through the +# SOFTWARE attribute might allow them to become more vulnerable to +# attacks against software that is known to contain security holes. +# Implementers SHOULD make usage of the SOFTWARE attribute a +# configurable option (https://tools.ietf.org/html/rfc5389#section-16.1.2) +# +#prod + # Option to suppress STUN functionality, only TURN requests will be processed. # Run as TURN server only, all STUN requests will be ignored. # By default, this option is NOT set. diff --git a/examples/etc/turnserver.conf b/examples/etc/turnserver.conf index d8189f53..b397472e 100644 --- a/examples/etc/turnserver.conf +++ b/examples/etc/turnserver.conf @@ -559,6 +559,15 @@ # #stun-only +# Option to hide software version. Enhance security when used in production. +# Revealing the specific software version of the agent through the +# SOFTWARE attribute might allow them to become more vulnerable to +# attacks against software that is known to contain security holes. +# Implementers SHOULD make usage of the SOFTWARE attribute a +# configurable option (https://tools.ietf.org/html/rfc5389#section-16.1.2) +# +#prod + # Option to suppress STUN functionality, only TURN requests will be processed. # Run as TURN server only, all STUN requests will be ignored. # By default, this option is NOT set.