[asterisk-dev] Security Request for discussion: Should sip.conf allowguest=yes be the default
Alexandre Cavalcante Alencar
alexandre.alencar at gmail.com
Tue Nov 17 13:29:41 CST 2009
Hi Alec
On Tue, Nov 17, 2009 at 4:07 PM, Alec Davis <sivad.a at paradise.net.nz> wrote:
> I've been pondering what has been suggested in this email since I sent the
> original request for discussion.
>
> The idea is to default 'allowguest to 'local' using the following.
>
> 'allowguest=local'
> only computers on the same subnet as asterisk, 'That magic moment is
> still preserved when first connecting to asterisk.
> 'allowguest=no'
> A locked down system, where you definately don't want guest.
> 'allowguest=yes'
> You know what your doing, and guests are allowed.
>
This seems to be simple and effective proposal. Adding the [public]
context for guest proposal, make things clear and simple.
So, we have a allowguest=<local|no|yes> that defaults to 'local' and
the guests all go to '[public]' context. Above '[public]' a
explanation about that context usage...
> Alec Davis
>
--
Alexandre Alencar (Skarmeth)
http://blog.alexandrealencar.net/
http://www.alexandrealencar.net/
ITIL, CSM, LPI, MCP-I, MCP
More information about the asterisk-dev
mailing list