[asterisk-users] allowguest defaults to yes for SIP

Danny Nicholas danny at debsinc.com
Thu Nov 12 08:45:45 CST 2009


Just my .02 - the guest context should torture or hangup instead of being
empty.  That might encourage a masochistic hacker though...

-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Administrator
TOOTAI
Sent: Thursday, November 12, 2009 8:42 AM
To: asterisk-users at lists.digium.com
Subject: Re: [asterisk-users] allowguest defaults to yes for SIP

Lee Howard a écrit :
> In your sip.conf file allowguest defaults to yes.  This means that 
> anyone that can reach the SIP ports on that system has access to make 
> unauthenticated calls, by default.  The administrator actually has to go 
> in and turn it off to prevent unauthenticated SIP calls (in whatever 
> context [general] points at).
>
> Does anyone else agree with me that this is a poor default?  I'd like to 
> see the default setting changed.
>
> It seems to me that this default is the reason behind the 
> doc/security.txt bias against using the "default" context for toll calls.
>   
Agree. Another possibility would be to have a guestcontext defined in 
default. This context would exist but empty.

-- 
Daniel

_______________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users




More information about the asterisk-users mailing list