5 maj 2011 kl. 14.08 skrev bilal ghayyad: > Hi All; > > When the endpoint register on Asterisk or initiate a call, so they exchange > the sip username and password. What is the possibility that this will be > capture by the hacker and how to avoid this problem?
We never exchange passwords in clear text in SIP 2.0. SIP uses HTTP digest authentication with MD5. There are many articles about that on the web, so that you can find out how it works and what the risks are. Cheers, /O -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
