nathan
2003-Nov-03 07:02 UTC
[Asterisk-Users] Asterisk compliance with RFC 2617 (qop, nc and cnonce) - in relation to sipcall.co.uk
Hi All, I am attempting to setup Asterisk with sipcall.co.uk. They use Intertex kit to provide the SIP service. Unfortunately Asterisk cannot seem to authenticate against Intertex. Having provided SIP debug info the provider has informed me that Asterisk does not appear to support 'qop', 'nc' and 'cnonce' which are used to stop replay attacks. So, does Asterisk support 'qop', 'nc' and 'cnonce'? If not, is anyone working on support? Before anyone says code it yourself, I would if I could! Thanks, Nathan.
Dave Cotton
2003-Nov-03 09:39 UTC
[Asterisk-Users] Asterisk compliance with RFC 2617 (qop, nc and cnonce) - in relation to sipcall.co.uk
On Mon, 2003-11-03 at 15:02, nathan wrote:> Hi All, > > I am attempting to setup Asterisk with sipcall.co.uk. They use Intertex > kit to provide the SIP service. Unfortunately Asterisk cannot seem to > authenticate against Intertex. Having provided SIP debug info the > provider has informed me that Asterisk does not appear to support 'qop', > 'nc' and 'cnonce' which are used to stop replay attacks. >Went up the same route myself, and got the same answers from Sipcall and Intertex. The only time I was ever able to connect to Sipcall, even with an Intertex modem in place at my end, was using MS Messenger. The question I now ask is why only Intertex based systems require this? Asterisk registers with other providers, FWD, sipphone, iptel, nikotel etc... Do they suffer replay attacks? -- Dave Cotton <dcotton@linuxautrement.com>