On Friday 04 September 2009 17:03:09 Gordon Henderson wrote: > I've been hanging out with IAX, thinking it's the "right thing", but more > and more I'm thinking of moving to SIP, and I think this will be the straw > that tips the balance as it were. I've a few 100 boxes out there which > would all eventually need upgrading, and for some, it's just not going to > be possible to upgrade the underlying asterisk, so it's going to be just > as easy to move to SIP which is what I'm going to do.
Just to be clear, this same attack is possible on SIP, although server resources are the limit there, instead of call number space. So with call tokens in place, IAX2 is now safer to use than SIP, in terms of an attacker attempting to exhaust your call resources. -- Tilghman & Teryl with Peter, Cottontail, Midnight, Thumper, & Johnny (bunnies) and Harry, BB, & George (dogs) _______________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- AstriCon 2009 - October 13 - 15 Phoenix, Arizona Register Now: http://www.astricon.net asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
