[asterisk-users] How to stop intruder from registering sip?

[Tilghman Lesher]

On Sunday 13 June 2010 15:06:52 sean darcy wrote:
> As I mentioned, I'm not inclined to mess with the secrets, too much
> hassle for users. That's why I'm considering deny/permit.

Clearly, this intruder isn't costing you enough money yet.  If you ignore the
problem for a month, does that cost you enough money that you'll consider
making the passwords exceptionally difficult to guess?

> Does that solve my problem?

If there are any IP addresses that you do not control that are in your
allow list, then it does not solve your problem.

> We use a combo of aastra 9133i and 57i's. Don't the user id and the
> extension HAVE to be the same? I had thought the aastra's used the
> extension as the SIP id to register.

You are stuck in the mindframe that the extension is the unique identifier for
the phone.  It is not.  There is a device identifier and there is an
extension.  The extension does not pass beyond the limits of the Asterisk
system, and the purpose of the Asterisk dialplan (in an office environment)
is to map extensions to device identifiers.

-- 
Tilghman Lesher
Digium, Inc. | Senior Software Developer
twitter: Corydon76 | IRC: Corydon76-dig (Freenode)
Check us out at: www.digium.com & www.asterisk.org