[asterisk-bugs] [JIRA] Commented: (ASTERISK-20506) With alwaysauthreject=yes AND allowguest=no Asterisk fails to report Attacker's IP Address

Michael L. Young (JIRA) noreply at issues.asterisk.org
Fri Oct 12 13:52:27 CDT 2012


    [ https://issues.asterisk.org/jira/browse/ASTERISK-20506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=198389#comment-198389 ] 

Michael L. Young commented on ASTERISK-20506:
---------------------------------------------

First of all, Asterisk does not decide what is an attack and what is not.  The only thing it does is report events that might be of interest in a way that a tool, module, script, human being, etc. can parse the log and make a decision on what it wants to do with that information.

As of right now, only INVITE and REGISTER methods are being reported because that is all the initial implementation of security events in chan_sip was programmed for.  INVITE and REGISTER methods are, say, probably more of interest versus OPTIONS (not to say that it shouldn't be reported).



More information about the asterisk-bugs mailing list