[Asterisk-Dev] Re: [Asterisk-Users] SIP SECURITY WARNING: v1-0
(cvs today) sip context in general section ignored goes to default
instead
- allowing unauthorized sip devices to place calls in default context
Daniel Pocock
daniel at readytechnology.co.uk
Sat Dec 4 03:40:04 MST 2004
It's still a legitimate bug report, but for a different reason - would
it be a good idea for Asterisk to disable the SIP channel completely if
no context has been explicitly specified in sip.conf? Same goes for all
other types of channel support (IAX, H323, etc).
Regards,
Daniel
Martin List-Petersen wrote:
>On Sat, 2004-12-04 at 00:47, Andy Reinke wrote:
>
>
>>SIP SECURITY WARNING
>>
>>Version: v1-0 (cvs today)
>>
>>Problem: sip context in general section ignored - goes to default -
>>allowing unauthorized sip devices to place calls in default context
>>
>>
>>
>[CUT]
>
>
>>Sip.conf
>>[general]
>>contex=sip-unauthorized
>>port=5060
>>bindaddr=0.0.0.0
>>localnet=172.16.0.0/255.255.255.0
>><eof>
>>
>>
>
>And by the way: if you spell "context" the way you do (check above) it
>of course will get ignored.
>
>Slán leat,
>Martin List-Petersen
>Dublin, Eire
>(contact info on --> http://www.marlow.dk/)
>
>
>_______________________________________________
>Asterisk-Dev mailing list
>Asterisk-Dev at lists.digium.com
>http://lists.digium.com/mailman/listinfo/asterisk-dev
>To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-dev
>
>
More information about the asterisk-dev
mailing list