For determining security risks, its specific to how your dialplan is set up. If a person connects to your asterisk, what can they do? what happens? did you set the incoming context to one with outgoing dialing rules? <div>
<br></div><div>Also for filtering calls, you'll probably want to either look at the incoming sip packets or ask your ITSP for info on how the calls come in. I have a DID with <a href="http://les.net">les.net</a> and in their web interface I can choose between having the calls addressed to <a href="mailto:sipuser@did.voip.les.net">sipuser@did.voip.les.net</a> or <a href="mailto:DID@did.voip.les.net">DID@did.voip.les.net</a> Or maybe even check the cdr files. Or just look at the error message when theres no catchall, it's an error like "incoming call for extension 523523 doesn't match anything in context whatever".<br>
<br><div class="gmail_quote">On Wed, Jun 17, 2009 at 12:20 PM, Zaheer Master <span dir="ltr"><<a href="mailto:zkmlist@aisww.com">zkmlist@aisww.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div lang="EN-US" link="blue" vlink="purple">
<div>
<p>Hi All,</p>
<p>I’m having a bit of trouble with my new *NOW setup.</p>
<p>I’ve downloaded and installed *NOW 1.5. We’re
using 1 SIP Trunk from SimpleSignal.com. Outbound calling works great, but
I’m having some trouble with inbound calls.</p>
<p> </p>
<p>First, we would get the “the number you have dialed is
not in service” error on inbound calls. After some googling, I found out
that I needed to enable anonymous SIP calls in to the system. When I did that,
it started to work. I was a little worried about potential security risks so I
wanted to filter inbound calls by DID. I tried the formats DID, +DID, and
+1DID, but all of them caused the box to hang up or give me the “number
not in service” error message.</p>
<p> </p>
<p>Are there any known security risks by allowing anonymous SIP
and having an ANY/ANY inbound route?</p>
<p> </p>
<p>Thanks in advance for any help!</p>
<p> </p>
<p>--Zaheer</p>
<p> </p>
</div>
</div>
<br>_______________________________________________<br>
-- Bandwidth and Colocation Provided by <a href="http://www.api-digital.com" target="_blank">http://www.api-digital.com</a> --<br>
<br>
asterisk-users mailing list<br>
To UNSUBSCRIBE or update options visit:<br>
<a href="http://lists.digium.com/mailman/listinfo/asterisk-users" target="_blank">http://lists.digium.com/mailman/listinfo/asterisk-users</a><br></blockquote></div><br></div>