[Asterisk-Users] VoIP hackers gut Caller ID

David Boyd dboyd at fullmoonsoft.com
Wed Jul 7 14:47:39 MST 2004 

> -----Original Message-----
> From: asterisk-users-admin at lists.digium.com
> [mailto:asterisk-users-admin at lists.digium.com]On Behalf Of Timothy R.
> McKee
> Sent: Wednesday, July 07, 2004 11:58 AM
> To: asterisk-users at lists.digium.com
> Subject: RE: [Asterisk-Users] VoIP hackers gut Caller ID
>
>
> This has always been one of my pet peeves, even as I worked in
> the industry.
> A telco switch operating a DS1 on trunk side should enforce caller-id
> numbers to be within the range of DID numbers assigned to that
> trunk.  There
> should be a default DID number that is used to replace any
> *invalid* numbers
> sent on that trunk.  Note that blocked caller ids would still be blocked,
> but the rest of the data should be corrected.  Blocking ID is ok, lying
> about it is not.
>
> Blind trust of a non-SS7 link is a _bad_ thing.
>
> ====================================================================
> Timothy R. McKee
>
>
> -----Original Message-----
> From: asterisk-users-admin at lists.digium.com
> [mailto:asterisk-users-admin at lists.digium.com] On Behalf Of Kevin Walsh
> Sent: Wednesday, July 07, 2004 10:01
> To: asterisk-users at lists.digium.com
> Subject: RE: [Asterisk-Users] VoIP hackers gut Caller ID
>
> Adam Hart [adam at teragen.com.au] wrote:
> > Chris Foster wrote:
> > > The Register is carrying a article written by Kevin Poulsen of
> > > Securtiy Focus, calling asterisk  "..the most powerful tool for
> > > manipulating and accessing CPN data.."
> > >
> > > I hope NuFone doesn't drop asterisk-set-able callerid's after this
> > > article; i've been wanting that feature from voicepluse for a long
> > > time.
> > >
> > These kind of things will be reason (excuse) for Voip to be regulated
> >
> Perhaps service providers who allow the Caller*ID to be set should insist
> that customers provide evidence that they own the phone numbers that they
> want to publish, and then limit the customers' choices to only the numbers
> in their approved list.  Calling the customer on the provided number(s)
> would be an easy way to check, and a setup fee could be levied to
> cover the
> provider's time and expenses, if required.
>
> Being able to discover a "blocked" Caller*ID is another matter.  Both are
> good areas for regulation.
>
> --
>    _/   _/  _/_/_/_/  _/    _/  _/_/_/  _/    _/
>   _/_/_/   _/_/      _/    _/    _/    _/_/  _/   K e v i n   W a l s h
>  _/ _/    _/          _/ _/     _/    _/  _/_/    kevin at cursor.biz
> _/   _/  _/_/_/_/      _/    _/_/_/  _/    _/
>
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
>
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users

How then should a service provider who is routing tandem traffic place a
call through any other network?  This would preclude the ability for
pre-paid or post paid providers to send out traffic at the originating
customers request with correct callerid!


Dave

More information about the asterisk-users mailing list