Re: How common are wide open SIP gateways?

On Feb 5, 2010, at 1:27 PM, Scott Howard wrote: On Fri, Feb 5, 2010 at 9:45 AM, David Birnbaum dav...@pins.net wrote: We have noticed a lot of issues with Asterisk 1.2 and some 1.4 rollouts. FreePBX had some truck-sized holes in it. Most/all of the big issues that existed in previous

How common are wide open SIP gateways?

Heya, Has anyone done any research or have any anecdotal numbers related to how common it is to have a SIP gateway sitting out on the Internet with no ACL or authentication? Recently we have noticed a couple of instances where we get abuse complaints from companies who claim that one

Re: How common are wide open SIP gateways?

On 2/5/10 9:33 AM, Drew Weaver wrote: Heya, Has anyone done any research or have any anecdotal numbers related to how common it is to have a SIP gateway sitting out on the Internet with no ACL or authentication? Recently we have noticed a couple of instances where we get abuse

Re: How common are wide open SIP gateways?

If you are using Asterisk (and many derived PBXs), and your installation is old enough, and your default context will complete a call...then you may find you are giving free calling out. This was fixed at some point in the Asterisk default configuration files. We have noticed a lot of issues

Re: How common are wide open SIP gateways?

On Fri, 5 Feb 2010, Drew Weaver wrote: Has anyone done any research or have any anecdotal numbers related to how common it is to have a SIP gateway sitting out on the Internet with no ACL or authentication? Recently we have noticed a couple of instances where we get abuse complaints from

Re: How common are wide open SIP gateways?

On 05/02/2010 17:33, Drew Weaver wrote: Has anyone done any research or have any anecdotal numbers related to how common it is to have a SIP gateway sitting out on the Internet with no ACL or authentication? Recently we have noticed a couple of instances where we get abuse complaints

Re: How common are wide open SIP gateways?

On 05/02/2010 17:33, Drew Weaver wrote:        Has anyone done any research or have any anecdotal numbers related to how common it is to have a SIP gateway sitting out on the Internet with no ACL or authentication? Recently we have noticed a couple of instances where we get abuse complaints

Re: How common are wide open SIP gateways?

On Fri, Feb 05, 2010 at 12:45:13PM -0500, David Birnbaum wrote: We have noticed a lot of issues with Asterisk 1.2 and some 1.4 rollouts. FreePBX had some truck-sized holes in it. FreePBX 2.6.0 defaults to refusing anonymous SIP calls. If you enable inbound anonymous calls, it includes only

Re: How common are wide open SIP gateways?

I should have prefaced that with older installations as well. As far as we can see, most of the newer packages have fixed the known truck-sized holes in their default configurations, but given the lack of any formal framework for testing this stuff, even the big switches have been found to

RE: How common are wide open SIP gateways?

, February 05, 2010 1:22 PM To: Brandon Ewing Cc: nanog@nanog.org Subject: Re: How common are wide open SIP gateways? I should have prefaced that with older installations as well. As far as we can see, most of the newer packages have fixed the known truck-sized holes in their default configurations

Re: How common are wide open SIP gateways?

On Fri, Feb 5, 2010 at 9:45 AM, David Birnbaum dav...@pins.net wrote: We have noticed a lot of issues with Asterisk 1.2 and some 1.4 rollouts. FreePBX had some truck-sized holes in it. Most/all of the big issues that existed in previous version of Asterisk/FreePBX have been resolved in later