[Asterisk-Users] Newbie: Only allow authenticated users to call
Benjamin on Asterisk Mailing Lists
benjk.on.asterisk.ml at gmail.com
Wed Sep 8 01:42:32 MST 2004
On Wed, 8 Sep 2004 10:31:44 +0200, Henry Jensen <hjensen at gmx.de> wrote:
> I made the observation that I'm able to make a call with my SIP client (kphone) even when I'm
> not registered/authenticated.
>
> Of course, when I'm not registered at asterisk, people can't call me, but it's still a huge security
> hole, that unregistered Clients can make calls.
Make sure you don't include your default context anywhere you don't
want unregistered callers to have access to. This also means you
shouldn't have any extensions in your default context that you don't
want unregistered callers to have access to.
rgds
benjk
--
Sunrise Telephone Systems, 9F Shibuya Daikyo Bldg., 1-13-5 Shibuya,
Tokyo, Japan.
NB: Spam filters in place. Messages unrelated to the * mailing lists
may get trashed.
More information about the asterisk-users
mailing list