[asterisk-users] Disallow CALLS without registry
Антон Сацкий
satskiy.a at gmail.com
Fri Feb 10 08:51:27 CST 2017
Thanks Frank -- but this not a solution
below my current config
[general]
;sms
accept_outofcall_message = yes
outofcall_message_context = messages
auth_message_requests = no
;general
allowguest = no
jbenable = no
jbimpl = adaptive
allow = !all,g722,ulaw,gsm
udpbindaddr = 0.0.0.0
transport = udp
language = ru
context = public
alwaysauthreject = yes
nat = force_rport,comedia
directmedia = no
allowoverlap = no
match_auth_username = yes
progressinband = yes
textsupport = yes
videosupport = yes
maxcallbitrate = 1384
;
sendrpid = pai
rpid_update = yes
pedantic=no
;tos
tos_sip=cs3
tos_audio=ef
tos_video=cs4
2017-02-10 16:40 GMT+02:00 Frank Vanoni <mailinglist at linuxista.com>:
> On Thu, 2017-02-09 at 14:58 +0200, Антон Сацкий wrote:
>
>
> > so the main question is -- how to Disallow CALLS without registering
> > on PBX
>
> sip.conf configuration
> In the [general] section, define:
>
>
> [general]
> ...
> allowguest=no
> alwaysauthreject=yes
> ...
>
>
> The "allowguest" line disables anonymous SIP calls to your PBX. Some SIP
> providers connect as a guest user, however, so this may be inappropriate
> for your situation. Also, if you want to accept anonymous SIP calls,
> this line would block them, so you wouldn't want that. But it is listed
> here because it is the safest configuration.
>
> The "alwaysauthreject" line is important. This causes a hacker to get
> the same response from your PBX when they try to guess passwords whether
> or not they guessed a valid username. This also has the side-effect of
> making poorly written scanning scripts (the vast majority of hacker
> scripts seem to be poorly written) take less resources on your Asterisk
> box, as even if they scan a valid username, they'll think it doesn't
> exist.
>
> (Source: https://www.voip-info.org/wiki/view/Asterisk+security )
>
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> Check out the new Asterisk community forum at: https://community.asterisk.
> org/
>
> New to Asterisk? Start here:
> https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
--
Best regards
Antony
tel. +380669197533
tel2. +380636564340
Paypal http://paypal.me/Satskiy
<http://paypal.me/Satskiy?ppid=PPC000654&cnac=PL&rsta=en_PL(en_DK)&cust=NN8XJS9XEP22C&unptid=21db79ac-ef8d-11e5-9553-9c8e992ea258&t=&cal=4d776c21ca7d2&calc=4d776c21ca7d2&calf=4d776c21ca7d2&unp_tpcid=ppme-social-business-profile-created&page=main:email&pgrp=main:email&e=op&mchn=em&s=ci&mail=sys>
satskiy.a at gmail.com <mail%3Asatskiy.a at gmail.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20170210/72b1219a/attachment.html>
More information about the asterisk-users
mailing list