[SR-Users] Security

Daniel-Constantin Mierla miconda at gmail.com
Wed Apr 16 13:32:58 CEST 2014


On 16/04/14 12:49, Daniel-Constantin Mierla wrote:
> Hello,
> On 16/04/14 09:52, Keith wrote:
>> Hi All,
>> I am looking to apply some security on invites so I only accept from 
>> IP addresses in the address table or authenticated users. I have the 
>> address table bit working but I am struggling with the authenticated 
>> users bit. Wondering if anyone has done it? I was thinking of using 
>> the location table in some way as those users have authenticated?
>> Any ideas would be appreciated.
> you should authenticate all requests coming from non-trusted peers. 
> The default config file does it for the users that pretend to be local 
> subscribers. Just look at route[AUTH].
> Relaying on location table might not be safe, you can eventually check 
> the source ip, but then someone can be in the same network behind the 
> nat and call on behalf of another phone registered from the same local 
> network.
> Also, in sip, phones can call without being registered. Registration 
> is done only to be able to be called.

it was a c&p error in mysql module. Can you try with latest git?


Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda

More information about the sr-users mailing list