[plug] Sip to Sip

Tim weirdit at gmail.com
Thu Oct 28 05:19:10 WST 2010


Care to enlighten us a bit more about this?

I take it the first thing is only open 5060 to your VPS?
What other things do we need to watch out for? This is the first time
I've used Asterisk, so it could easily be insecure. It would be nice
to know what I should do to make it more secure. i.e. Does 5060 need
to be open if I'm not receiving any calls from my VPS, only making
them?

Thanks

Tim

On 27 October 2010 23:31, Craig Foster <Craig at fostware.net> wrote:
> As a general reminder, remember to watch SIP firewalls and ACLs since an
> open 5060 is gold amongst phone spammers and scammers these days.
>
> It’s not aimed at anyone in particular, but we see misconfigurations all the
> time, and exploited systems more than we’d like.
>
>
>
> Consider this a Community Service Announcement without the sketched cartoons
> or damn catchy songs J
>
>
>
> Craig F.
>
>
>
>
>
> From: plug-bounces at plug.org.au [mailto:plug-bounces at plug.org.au] On Behalf
> Of Scott Middleton
> Sent: Wednesday, 27 October 2010 5:24 PM
> To: plug at plug.org.au
> Subject: Re: [plug] Sip to Sip
>
>
>
>
>
> It has changed a bit over the years. On my elastix box it is.
>
> /etc/asterisk/rtp.conf
>
>
>
> some notes:
>
> rtp is udp so its no big deal having that many open ports
>
> sip 5060 is tcp and udp
>
>
>
> Generally i port forward udp 10,000-20,000 and tcp/udp 5060 to my asterisk
> server. But I only allow it from my VISP.
>
> Scott Middleton
> Managing Director
> Linux Consultants Pty Ltd t/as AssureTek
> Email - Scott at assuretek.com.au
> Phone - 1300 551 696
> Mobile - 0400 212 724
>
>
>
>
>
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
>
>



-- 
Timothy White - Somewhere in Australia



More information about the plug mailing list