[VoiceOps] Phone auth for incoming calls?
Carlos Alvarez
caalvarez at gmail.com
Wed Aug 8 13:58:31 EDT 2018
You're right, most phones have both options also. However I'm not sure how
the "same server" is applied for a phone behind NAT. Would the phone
actually know where the call came from? I've never tried it.
Alex, it does work fine with Asterisk, at least on a small scale test. But
the fear of changing something so drastic on thousands of phones lead me to
asking about it here.
On Wed, Aug 8, 2018 at 10:48 AM David Knell <david.knell at telng.com> wrote:
> Been there, had that :-) Auth works; you might also find an option to
> only accept calls from the server to which the phone's registered.
>
> --Dave
>
> On Wed, Aug 8, 2018 at 8:43 PM, Carlos Alvarez <caalvarez at gmail.com>
> wrote:
>
>> Do most of you have the phones authenticate incoming calls? We haven't
>> been, but occasionally find a router that has unfiltered full cone NAT
>> (Cisco) or that puts one phone on 5060 with no filtering by IP. The result
>> is that the phone will start ringing at random as script kiddies hit the IP
>> and port 5060 trying to find servers to exploit. I don't see a downside to
>> changing to auth, but not having done it outside of a few tests of a small
>> number of phones, I figured I would ask.
>>
>>
>> _______________________________________________
>> VoiceOps mailing list
>> VoiceOps at voiceops.org
>> https://puck.nether.net/mailman/listinfo/voiceops
>>
>>
>
>
> --
>
> David Knell, Director, TelNG
> T: +44 1223 797979 / +1 970-315-4721
> W: http://www.telng.com
> H: http://www.daveknell.com
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20180808/75b9f08c/attachment.html>
More information about the VoiceOps
mailing list