4 sep 2009 kl. 19.21 skrev Andy day: > Rehan, > > Asterisk is likely looking at the sip headers for IP authentication > and not > the actual IP headers. SIP headers can be spoofed, but I don't > believe they > can spoof the IP packets and still have it routed properly to this > customer > unless they are on the same network. If the customer does a packet > capture > (tcpdump tethereal etc) they should see the ip and sip headers do > not match > on those calls. They could use IP tables or some other ACL to block > the > hackers.
There is a current bug in 1.6 for TCP connections (with or without TLS) that may be in action, where asterisk instead of looking at IP headers actually match on the Contact:. This is wrong and will be fixed soon in all 1.6 versions and trunk. For UDP, we actually DO look at the IP headers when we match incoming calls with peers. For user matching, we do match on the From: header. In addition we have authentication schemes for incoming calls for both users and peers. I do recommend ucing the ACL as well as authentication. /O --- [email protected] - http://edvina.net Open Unified Communication - building platforms with SIP and XMPP From PBX to large scale implementations for carriers. Contact us today! _______________________________________________ --Bandwidth and Colocation Provided by http://www.api-digital.com-- AstriCon 2009 - October 13 - 15 Phoenix, Arizona Register Now: http://www.astricon.net asterisk-biz mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-biz
