[asterisk-users] SIP Security
Martin
asterisklist at callthem.info
Tue Jan 12 12:08:31 CST 2010
Lets just say that you turned off the security ...
[general]
context=default ; Default context for incoming calls
so everyone that can connect to your IP port 5060 UDP can access
default context...
why would you allow this context to place outgoing calls then ?
secret=blah
also you think the bots don't know this password ???
Martin
On Tue, Jan 12, 2010 at 11:43 AM, Juan C. Villa <juanqui at villafam.com> wrote:
> Hey guys,
>
> I've been running asterisk on my server for some time now (currently
> running Asterisk 1.6.2.0). I am having security issues with my SIP
> accounts. Unauthorized people have been able to access the server (bots)
> and they have been able to make calls (in today's case to Cuba).
>
> Here's a copy (slightly modified) of my sip.conf:
>
> [general]
> context=default ; Default context for incoming calls
> videosupport=yes
> rtcachefriends=yes
> autocreatepeer=no
> t38pt_udptl=yes
>
> allowoverlap=no
> udpbindaddr=0.0.0.0
> srvlookup=yes
> ;pedantic=yes
>
> disallow=all
> allow=alaw
> allow=ulaw
> allow=speex
>
> [1001]
> type=friend
> username=1001
> secret=blah
> subscribecontext=default
> regexten=1001
> callerid="blah" <XXXXXXXXXX>
> host=dynamic
> nat=yes
> canreinvite=no
> mailbox=1001 at default
> registertrying=yes
>
> [testuser]
> type=friend
> secret=blah
> callerid="blah" <XXXXXXXXX>
> host=dynamic
> nat=yes
> qualify=yes
> allowsubscribe=yes
> canreinvite=no
> context=default
>
>
> [testuser2]
> type=friend
> username=testuser2
> secret=
> callerid="blah" <blah>
> host=dynamic
> nat=yes
> qualify=yes
> allowsubscribe=yes
> canreinvite=no
> context=default
>
>
> Someone is able to connect to my server and make a call since they can
> access the default context. What should I do?
>
> Thanks guys!
>
>
>
>
>
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
More information about the asterisk-users
mailing list