[asterisk-users] allowguest defaults to yes for SIP
Administrator TOOTAI
admin at tootai.net
Thu Nov 12 08:41:42 CST 2009
Lee Howard a écrit :
> In your sip.conf file allowguest defaults to yes. This means that
> anyone that can reach the SIP ports on that system has access to make
> unauthenticated calls, by default. The administrator actually has to go
> in and turn it off to prevent unauthenticated SIP calls (in whatever
> context [general] points at).
>
> Does anyone else agree with me that this is a poor default? I'd like to
> see the default setting changed.
>
> It seems to me that this default is the reason behind the
> doc/security.txt bias against using the "default" context for toll calls.
>
Agree. Another possibility would be to have a guestcontext defined in
default. This context would exist but empty.
--
Daniel
More information about the asterisk-users
mailing list