Asterisk Users - We are presently try to operate a hybrid GSM/Asterisk cellular basestation at the Burning Man Festival in the Nevada desert. (See http://openbts.sourceforge.net). The architecture is basically one where cell phones are presented to Asterisk as SIP users, using the IMSI as the SIP user ID for convenience. (It's running off of a wind turbine is the middle of a dust storm as my alkali-abused hands type this.)
When we first got this system running, we were getting hammered with service requests from phones that people left turned on. We tried sending the magic GSM codes for "no roaming here", but some of them just kept coming back. It was like a denial of service attack. We figured out that the best way to shut those phones up was just to accept their registrations. We'd send a corresponding SIP registration to Asterisk, that would fail, but we'd report success to the GMS handset anyway so that it would think it had service and stop retrying the registration. Now we've discovered a new problem: Asterisk lets these non-existent make calls even though they are not listed as users in sip.conf. We suspect that is happening because they are all localhost connections, and therefore bypassing some kind of authentication check. These calls also show up in the CDR, but with the SIP ids of real, provisioned SIP users instead of the IMSIs of the phones that are actually making the calls. Any ideas how this is happening or how to fix it? -- David David A. Burgess Kestrel Signal Processing, Inc. _______________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- AstriCon 2008 - September 22 - 25 Phoenix, Arizona Register Now: http://www.astricon.net asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users