[asterisk-users] How to stop intruder from registering sip?

sean darcy seandarcy2 at gmail.com
Fri Jun 11 16:55:17 CDT 2010 

This is a small 12 line system, internal extensions 150 - 180. I didn't 
have a phone on 151. Here's the sip.conf stanza:

;;[151]
;;type=friend
;;context=longdistance
;;callerid="Conf Room" <151>
;;secret=0000
;;host=dynamic
;;qualify=yes
;;dtmfmode=rfc2833
;;allow=all
;;defaultuser=151
;;nat=yes
;;canreinvite=no

There's no DISA. And then somehow (how???) ip address 79.117.17.247 
becomes extension 151 and starts making calls to West Africa.

Now contactdeny and contactpermit over solve the problem. For instance, 
I can't register with my voip provider. I don't care about peers who I 
make calls to, or receive calls from. I'm just stunned someone can 
become a peer and make calls themselves.

How do I fix this in some reasonable way.

sean

[Jun 10 15:51:19] VERBOSE[1662] chan_sip.c:     -- Registered SIP '151' 
at 79.117.17.247 port 5060
[Jun 10 15:51:20] NOTICE[1662] chan_sip.c: Peer '151' is now Reachable. 
(161ms / 2000ms)
[Jun 10 15:51:20] NOTICE[1662] chan_sip.c: Received SIP subscribe for 
peer without mailbox: 151
[Jun 10 15:51:21] VERBOSE[1662] netsock.c:   == Using SIP RTP TOS bits 184
[Jun 10 15:51:21] VERBOSE[1662] netsock.c:   == Using SIP RTP CoS mark 5
[Jun 10 15:51:21] VERBOSE[1662] netsock.c:   == Using SIP VRTP CoS mark 6
[Jun 10 15:51:21] VERBOSE[1662] netsock.c:   == Using UDPTL TOS bits 184
[Jun 10 15:51:21] VERBOSE[1662] netsock.c:   == Using UDPTL CoS mark 5
[Jun 10 15:51:22] VERBOSE[4780] pbx.c:     -- Executing 
[01125240212154 at longdistance:1] Answer("SIP/151-000000ae", "") in new stack
[Jun 10 15:51:22] VERBOSE[4780] pbx.c:     -- Executing 
[01125240212154 at longdistance:2] Gosub("SIP/151-000000ae", 
"DialOut,s,1(01125240212154
,DAHDI/g0)") in new stack
.........
[Jun 10 15:51:22] VERBOSE[4780] pbx.c:     -- Executing [s at DialOut:9] 
Dial("SIP/151-000000ae", "DAHDI/g0/01125240212154") in new stack
[Jun 10 15:51:22] VERBOSE[4780] chan_dahdi.c:     -- Requested transfer 
capability: 0x00 - SPEECH
[Jun 10 15:51:22] VERBOSE[4780] app_dial.c:     -- Called g0/01125240212154
[Jun 10 15:51:22] VERBOSE[4780] app_dial.c:     -- DAHDI/2-1 is 
proceeding passing it to SIP/151-000000ae
[Jun 10 15:51:23] VERBOSE[4780] app_dial.c:     -- DAHDI/2-1 is making 
progress passing it to SIP/151-000000ae
[Jun 10 15:51:23] VERBOSE[4780] app_dial.c:     -- DAHDI/2-1 is making 
progress passing it to SIP/151-000000ae
[Jun 10 15:51:25] VERBOSE[4780] app_dial.c:     -- SIP/151-000000ae 
requested special control 16, passing it to DAHDI/2-1
[Jun 10 15:51:25] VERBOSE[4780] channel.c:     -- Music class default 
requested but no musiconhold loaded.
[Jun 10 15:51:25] VERBOSE[4780] app_dial.c:     -- SIP/151-000000ae 
requested special control 20, passing it to DAHDI/2-1

More information about the asterisk-users mailing list