[asterisk-dev] Security Request for discussion: Should sip.conf allowguest=yes be the default

Tzafrir Cohen tzafrir.cohen at xorcom.com
Thu Nov 12 04:07:58 CST 2009


On Thu, Nov 12, 2009 at 08:33:50PM +1300, Alec Davis wrote:
> At Tilghman's request.
>  
> We need to agree to change the sip.conf default from allowguest=yes to
> allowguest=no
> and extensions.conf to have a warning in the [default] section that sip.conf
> may have allowguest=yes or nothing which will default of yes.

Regardless of the arguments for and against setting the defaults in
sip.conf, keep in mind that configs/sip.conf.sample and to a much
greater extent configs/extensions.conf.sample are sample/reference
configuration files. The user's configuration is not required to rely on
them.

So you basically ask to change the hard-wired default in chan_sip.c (and
maybe also the sample configuration file).

As for extensions.conf - here there's no "hardcoded default". Some users
would prefer to use extensions.ael instead. Generally
extensions.conf.sample is a nice demo but won't be used by most users.
Which means that adding anything there is purely documentation.

>  
> Reference mantis bugs:
> https://issues.asterisk.org/view.php?id=15101 SIP allowguest defaults to yes
> with 'make samples'
> https://issues.asterisk.org/view.php?id=16226 1.4.26.3 security issue -
> Chinese IPs somehow are making calls without authentication

Changing the defaults for a production version is not such a great idea.
The idea of a security update breaking my setup does not make me want to
install the next update.

>  
> There are many installations out there where newbies are playing in the
> [default] context in their dialplan, getting things working, then opening
> port 5060 in their firewall without understanding what they've just done.
>  
> Initially I thought it was great that we allow any SIP phone to connect to
> asterisk, with no configuration required at the asterisk end, how wrong I
> was. 

So maybe the example configuration should document that. Free VoIP calls
from anywhere and to anywhere are a great motivator to use Asterisk. How
do you avoid needless relays?

(I have SMTP in my mind when writing this)

-- 
               Tzafrir Cohen
icq#16849755              jabber:tzafrir.cohen at xorcom.com
+972-50-7952406           mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com  iax:guest at local.xorcom.com/tzafrir
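A small check script, added here as an example and not code from the original message or from the Asterisk project: it reads a sip.conf, looks only at the [general] section, reports the effective allowguest value, applies the hard-wired chan_sip default (yes when the option is absent, as this thread states), and normalizes the spelling the way Asterisk's ast_true() does (yes/true/y/t/1/on). The sample configurations are constructed for the example, and the helper name effective_allowguest is the example's own; section templates such as [general](!) are not handled.

```shell
#!/bin/sh
# Added example: report the effective allowguest setting of a sip.conf.
# Assumptions (labelled): the option lives in [general]; when it is absent the
# hard-wired chan_sip default applies (yes, as discussed in the thread); the
# last assignment in the section wins; ';' starts a comment, as in Asterisk's
# config files. Templates like [general](!) are not handled.

effective_allowguest() {
    awk '
        function ast_true(s) {   # accepted "true" spellings, as in ast_true()
            return (s == "yes" || s == "true" || s == "y" || s == "t" ||
                    s == "1" || s == "on") ? "yes" : "no"
        }
        { sub(/;.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }   # drop comments, trim
        /^\[/ { in_general = ($0 == "[general]"); next }  # track current section
        in_general && /^allowguest[ \t]*=/ {
            val = $0; sub(/^allowguest[ \t]*=[ \t]*/, "", val)
            found = 1                                     # last assignment wins
        }
        END {
            if (found) print ast_true(tolower(val))
            else print "yes"                              # absent: chan_sip default
        }
    ' "$1"
}

# Constructed sample configurations (not real deployments).
WEAK=$(mktemp); SAFE=$(mktemp); ABSENT=$(mktemp)
trap 'rm -f "$WEAK" "$SAFE" "$ABSENT"' EXIT

cat >"$WEAK" <<'EOF'
[general]
context=default
allowguest=yes ; unauthenticated peers land in [default]
[1001]
type=friend
secret=example
EOF

cat >"$SAFE" <<'EOF'
[general]
context=default
allowguest=no  ; the setting the thread proposes as default
[1001]
type=friend
secret=example
EOF

cat >"$ABSENT" <<'EOF'
[general]
context=default
; allowguest not set at all: chan_sip falls back to yes
[1001]
type=friend
secret=example
EOF

report() { printf '%s: effective allowguest=%s\n' "$1" "$(effective_allowguest "$2")"; }
report weak   "$WEAK"
report safe   "$SAFE"
report absent "$ABSENT"
```

Run it against a real /etc/asterisk/sip.conf to see whether an installation that never touched the option is silently accepting guest calls; the third sample is the case the bug reports in the thread describe.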


