[asterisk-users] How to stop intruder from registering sip?
Tilghman Lesher
tlesher at digium.com
Wed Jun 30 23:50:49 CDT 2010
On Wednesday 30 June 2010 18:38:51 Steve Edwards wrote:
> On Sun, 13 Jun 2010, Tilghman Lesher wrote:
> > I would generally suggest something a little more deterministic (where
> > 101 is your extension):
> >
> > $ echo '101This is a salt' | sha1sum
> > 22c3c098bfc2289396af84ecfb1ab77419a6537e
>
> Aside from being 8 characters longer, why do you prefer sha1sum to md5sum?
The use of MD5 is gradually being displaced, as crypto attacks are getting
better. Since SHA1 is usually the replacement, I went with it, since it's
also likely to be available on systems. While SHA1 will eventually succumb to
the same attacks as MD5, due to its larger bitstrength, it has quite a few
years left in it, before we need to start thinking about SHA256 or SHA512 to
replace it.
--
Tilghman Lesher
Digium, Inc. | Senior Software Developer
twitter: Corydon76 | IRC: Corydon76-dig (Freenode)
Check us out at: www.digium.com & www.asterisk.org
More information about the asterisk-users
mailing list