Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: How common are wide open SIP gateways?

  • From: David Birnbaum
  • Date: Fri Feb 05 13:22:34 2010
I should have prefaced that with "older installations" as well. As far as we can see, most of the newer packages have fixed the known truck-sized holes in their default configurations, but given the lack of any formal framework for testing this stuff, even the "big" switches have been found to have security issues from time to time.

I have to admit I was surprised at the number of people I've run into over the years who unpacked Asterisk, played with a few phones, and stuck themselves on the Internet without any clear understanding of how exposed they are.

Cheers,

David.

-----

On Fri, 5 Feb 2010, Brandon Ewing wrote:

On Fri, Feb 05, 2010 at 12:45:13PM -0500, David Birnbaum wrote:

We have noticed a lot of issues with Asterisk 1.2 and some 1.4 rollouts.
FreePBX had some truck-sized holes in it.


FreePBX 2.6.0 defaults to refusing anonymous SIP calls.  If you enable
inbound anonymous calls, it includes only the "from-trunk" context, making
it behave like a standard incoming over over a configured trunk.  If you've
configured FreePBX to allow outgoing calls from the trunk context, you have
larger problems in general.

--
Brandon Ewing                                        (nicotine@warningg.com)


Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.