[Asterisk-Dev] Security Issue in Asterisk with sip.conf configuration.
Duane
digium at aus-biz.com
Tue May 4 03:59:45 MST 2004
Kelvin Chua wrote:
> I think the issue is with how * handles the incoming call in the first
> place, * should not even entertain unknown clients... or challenge all
> registers with authentication, ACL is good (if it works...) but it will
> definitely pose an additional problem when we're talking hundreds of
> clients or even thousands all using different subnets. authentication of
> dynamic hosts is the way to go, and accept only registers from known
> entities...
Guest accounts save adding 100s of entries, if not more, from people
doing inter-asterisk calls via enum... Most/all configuration examples
I've seen actively promote authorised users connecting only which is a
pain if they give you URL details and your call gets rejected because
they didn't add a guest account...
--
Best regards,
Duane
http://www.cacert.org - Free Security Certificates
http://www.nodedb.com - Think globally, network locally
http://www.sydneywireless.com - Telecommunications Freedom
http://happysnapper.com.au - Sell your photos over the net!
http://e164.org - Using Enum.164 to interconnect asterisk servers