[asterisk-bugs] [JIRA] (ASTERISK-27472) 401 Unauthorized from INVITE not generating security event

Joshua Colp (JIRA) noreply at issues.asterisk.org
Sat Dec 23 10:14:41 CST 2017


    [ https://issues.asterisk.org/jira/browse/ASTERISK-27472?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=241118#comment-241118 ] 

Joshua Colp commented on ASTERISK-27472:
----------------------------------------

There was a failure to find a SIP peer or user, but there wasn't a failure to authenticate. It was still just a challenge (albeit one that will surely fail). If they attempted to actually authenticate then it would raise a security event.

I asked as I believe this is a new feature/functionality, which we don't keep open on the issue tracker unless there is a patch attached. The chan_sip module is also extended support so it falls onto the community as well.

> 401 Unauthorized from INVITE not generating security event
> ----------------------------------------------------------
>
>                 Key: ASTERISK-27472
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-27472
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/General, Channels/chan_sip/Security Framework
>    Affects Versions: 13.7.2
>         Environment: CentOS 7
>            Reporter: Michelle Dupuis
>            Assignee: Michelle Dupuis
>            Severity: Minor
>
> Using 'set sip debug on' I can watch the SIP traffic to/from the PBX.  I also have another monitor open showing security events from the AMI.  I can confirm that failed registration attempts correctly raising security events, but one type of failed SIP transaction is showing 401 Unauthorized in the CLI, but NO security event in the AMI.   See Notes below for an example SIP trace that is NOT raising a security event.



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list