[asterisk-users] Securing Asterisk - How to avoid sending, "SIP/2.0 603 Declined"
Patrick Lists
asterisk-list at puzzled.xs4all.nl
Sat Jul 23 10:48:44 CDT 2011
On 07/23/2011 04:00 PM, Paul Belanger wrote:
> A UAS rejecting an offer contained in an INVITE SHOULD return a 488
> (Not Acceptable Here) response. Such a response SHOULD include a
> Warning header field value explaining why the offer was rejected.
If the choice is to get hacked/DDOS'ed/etc or compliance with an RFC
created by people who had no appreciation for the rather ugly world out
there then why not throw the RFC out of the window and *not* reject an
invite with a 488? It sounds like an interesting option to add to
"10"/trunk. Better secure than compliant & sorry. Why not do a little
Microsoft Embrace & Extent? Like e.g. Sonus and Cisco do with their
interpretation of SIP.
Regards,
Patrick
More information about the asterisk-users
mailing list