[Asterisk-Users] Asterisk security problem: authorized SIP users
can fake any callerid!
C F
shmaltz at gmail.com
Fri Mar 11 12:41:37 MST 2005
Welcome to SIP, this is how SIP works, thats why ppl use IAX.
On Fri, 11 Mar 2005 19:06:20 +0100, Deti Fliegl <deti at fliegl.de> wrote:
> Hi there,
>
> all that started by investigating what happens if SIP clients are
> calling anonymously.
> The problem: Every client who is registered as a regular user with
> username and secret can fake any callerid in subsequent INVITEs.
> Asterisk does not apply an accountcode or callerid from sip.conf. Those
> calls end up unbilled and untraceable.
>
> Is there any way to fix this problem - did I misunderstand something,
> what am I doing wrong?
>
> Deti
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
More information about the asterisk-users
mailing list