[asterisk-users] realm: security issue
Hi All; I have my friend that use his mobile (Nimbuz) to connect for the Asterisk and his account was working fine. Suddenly it stop working (not able to register). From my mobile (Nokia) I was able to register using my username and password, so I tried to register using his (my friend) username and password (that was using them from Nimbuz), it did not work. I come back trying to register using my origin username and password (which was working fine just before a while), it did not work. I removed my username and my friend username from the Asterisk and then I created a new username and password (different than all other) and I tried to register from my mobile, also it did not work !!! I start beleive that it is something related to detecting a hacking (maybe Nimbuz does not use a good security), this caused the MAC to be considered as hacked. Please, can someone advise me how to resolve this problem? Where I can find those MACs that need to be removed from block list? What can I do to get out from this problem? Any advise? Regards Bilal -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] realm: security issue
From what you explained it seems to me that your mobile provider has blocked your sip communication altogether. Have you tried changing IP address of your asterisk server? If changing IP works, then probably your provider has blocked you sip communication by IP only. Zeeshan A Zakaria -- www.ilovetovoip.com On 2010-09-23 7:22 AM, bilal ghayyad bilmar...@yahoo.com wrote: Hi All; I have my friend that use his mobile (Nimbuz) to connect for the Asterisk and his account was working fine. Suddenly it stop working (not able to register). From my mobile (Nokia) I was able to register using my username and password, so I tried to register using his (my friend) username and password (that was using them from Nimbuz), it did not work. I come back trying to register using my origin username and password (which was working fine just before a while), it did not work. I removed my username and my friend username from the Asterisk and then I created a new username and password (different than all other) and I tried to register from my mobile, also it did not work !!! I start beleive that it is something related to detecting a hacking (maybe Nimbuz does not use a good security), this caused the MAC to be considered as hacked. Please, can someone advise me how to resolve this problem? Where I can find those MACs that need to be removed from block list? What can I do to get out from this problem? Any advise? Regards Bilal -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] realm: security issue
No, I do not think that my provider blocked my IP address, because I am able to register for the Asterisk (at that IP address) from an IP Phone, but not from the mobile. It is well known that the mobile use the digest authentication (realm) which is not used in the IP Phone. Any advise? From what you explained it seems to me that your mobile provider has blocked your sip communication altogether. Have you tried changing IP address of your asterisk server? If changing IP works, then probably your provider has blocked you sip communication by IP only. Zeeshan A Zakaria -- www.ilovetovoip.com On 2010-09-23 7:22 AM, bilal ghayyad bilmar...@yahoo.com wrote: Hi All; I have my friend that use his mobile (Nimbuz) to connect for the Asterisk and his account was working fine. Suddenly it stop working (not able to register). From my mobile (Nokia) I was able to register using my username and password, so I tried to register using his (my friend) username and password (that was using them from Nimbuz), it did not work. I come back trying to register using my origin username and password (which was working fine just before a while), it did not work. I removed my username and my friend username from the Asterisk and then I created a new username and password (different than all other) and I tried to register from my mobile, also it did not work !!! I start beleive that it is something related to detecting a hacking (maybe Nimbuz does not use a good security), this caused the MAC to be considered as hacked. Please, can someone advise me how to resolve this problem? Where I can find those MACs that need to be removed from block list? What can I do to get out from this problem? Any advise? Regards Bilal -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] realm: security issue
Bilal, If you are using 3G or Wifi with your Nokia Native SIP Client.. try to connect via an internet connection sharing machine.. it seems that your ISP is blocking INBOUND SIP packets. Test and let me know -Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of bilal ghayyad Sent: Thursday, September 23, 2010 11:24 PM To: asterisk-users@lists.digium.com Subject: Re: [asterisk-users] realm: security issue No, I do not think that my provider blocked my IP address, because I am able to register for the Asterisk (at that IP address) from an IP Phone, but not from the mobile. It is well known that the mobile use the digest authentication (realm) which is not used in the IP Phone. Any advise? From what you explained it seems to me that your mobile provider has blocked your sip communication altogether. Have you tried changing IP address of your asterisk server? If changing IP works, then probably your provider has blocked you sip communication by IP only. Zeeshan A Zakaria -- www.ilovetovoip.com On 2010-09-23 7:22 AM, bilal ghayyad bilmar...@yahoo.com wrote: Hi All; I have my friend that use his mobile (Nimbuz) to connect for the Asterisk and his account was working fine. Suddenly it stop working (not able to register). From my mobile (Nokia) I was able to register using my username and password, so I tried to register using his (my friend) username and password (that was using them from Nimbuz), it did not work. I come back trying to register using my origin username and password (which was working fine just before a while), it did not work. I removed my username and my friend username from the Asterisk and then I created a new username and password (different than all other) and I tried to register from my mobile, also it did not work !!! I start beleive that it is something related to detecting a hacking (maybe Nimbuz does not use a good security), this caused the MAC to be considered as hacked. Please, can someone advise me how to resolve this problem? Where I can find those MACs that need to be removed from block list? What can I do to get out from this problem? Any advise? Regards Bilal -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
