[SR-Users] Security
Daniel-Constantin Mierla
miconda at gmail.com
Wed Apr 16 13:32:58 CEST 2014
Hello,
On 16/04/14 12:49, Daniel-Constantin Mierla wrote:
> Hello,
>
> On 16/04/14 09:52, Keith wrote:
>> Hi All,
>>
>> I am looking to apply some security on invites so I only accept from
>> IP addresses in the address table or authenticated users. I have the
>> address table bit working but I am struggling with the authenticated
>> users bit. Wondering if anyone has done it? I was thinking of using
>> the location table in some way as those users have authenticated?
>>
>> Any ideas would be appreciated.
> you should authenticate all requests coming from non-trusted peers.
> The default config file does it for the users that pretend to be local
> subscribers. Just look at route[AUTH].
>
> Relaying on location table might not be safe, you can eventually check
> the source ip, but then someone can be in the same network behind the
> nat and call on behalf of another phone registered from the same local
> network.
>
> Also, in sip, phones can call without being registered. Registration
> is done only to be able to be called.
it was a c&p error in mysql module. Can you try with latest git?
Cheers,
Daniel
--
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
More information about the sr-users
mailing list