[asterisk-users] No matching peers message has gone (1.8.23.1)
Joshua Colp
jcolp at digium.com
Mon Nov 4 09:29:20 CST 2013
Ishfaq Malik wrote:
> Hi
>
> Ever since we upgraded our asterisk servers to 1.8.23.1, we no longer
> get the 'no matching peer' error when we get a dictionary SIP attack.
>
> Now the logs always show a 'wrong password' when there actually isn't a
> matching peer.
>
> We even have alwaysauthreject = yes in our sip.conf.
>
> Has anyone else noticed this phenomenon?
This is on purpose. To fix some exposure issues the code was changed to
have an internal peer (albeit one that can never successfully be
authenticated against) that gets used if no real peer is found. This
reduces the chance (by a lot) of the code exposing information in some
off nominal cases.
--
Joshua Colp
Digium, Inc. | Senior Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at: www.digium.com & www.asterisk.org
More information about the asterisk-users
mailing list