FALSE ALARM Re: [Asterisk-Users] SIP SECURITY WARNING: v1-0 (cvs
today) sip context in general section ignored goes to default
instead - allowing unauthorized sip devices to place calls in
default context
Andrew Kohlsmith
akohlsmith-asterisk at benshaw.com
Fri Dec 3 18:15:33 MST 2004
On December 3, 2004 07:47 pm, Andy Reinke wrote:
> SIP SECURITY WARNING
Not only are you overdramatic but you're also posting in HTML.
Please, please PLEASE remove your head from your ass, READ THE DOCUMENTATION
and UNDERSTAND it before you decide you're the next best Asterisk security
consultant.
You say you've been using asterisk for a while now -- which means that you
should know better than to
1) post HTML to this list
2) post a security alert without ASKING if this is the intended behaviour
and, at least in my mind,
3) had a basic understanding of how Asterisk routes incoming call requests to
contexts.
I mean come on -- Did the thrill of being the first with a 0day exploit for
Asterisk overrule your common sense?
-A.
More information about the asterisk-users
mailing list