[Asterisk-Users] verify Request URI
Klaus Darilion
klaus.mailinglists at pernau.at
Fri May 21 00:16:04 MST 2004
You could try the following:
If ser detects an outgoing call (like hisdomain.com), it starts an
external script (cpl-c module in ser) which lookups the domain (dig,
nslookup) and verifies it against the IP address of the asterisk box.
You would also have to take care of multiple returned IP addresses and
srv records for this domain as ser also uses them for resolving a
destination.
regards,
klaus
Michael Kreilmeier wrote:
> Hello!
>
> Does anybody know of a way to access the Request URI in a SIP message?
>
> I've got the following problem/scenario:
>
> We have a SIP Proxy (SER) wich forwards SIP-messages for non-IP
> destinations to our Asterisk. There is no authentication done between
> Asterisk and SER. I've configured Asterisk to accept any request for a
> PSTN-line from SER's IP-address.
> Since we allow IP-to-IP calls for free somebody could trick us by doing
> the following:
>
> He buys a domain and resolves "hisdomain.com" to our Asterisk-IP. Now he
> calls "someone at hisdomain.com" using our proxy (that's ok if he is a
> registered with us). SER resolves "hisdomain.com" and forwards the call
> to Asterisk. If "someone at hisdomain.com" looks like
> "00431234567 at hisdomain.com" asterisk is dialing this PSTN-number.
>
> So my solution would be to match the domainname in the SIP-Request-URI
> against our domain or the Asterisk-IP. How could I do that?
>
> Thanks in advance for any information,
> Michael Kreilmeier
>
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
>
More information about the asterisk-users
mailing list