Hi,
I recently found someone was using one of my Asterisk servers to make
international calls via some SIP method that allowed them to bypass
authentication (running 1.4.21.1 so I'm not sure how they did this since the
major vulnerability for this was patched in 1.4.18.1). At any rate I caught
it the same day they started this, so I've blocked their IP range and put in
some monitoring solutions upstream.
I'd like to lock down the servers as far as Asterisk goes, so this is my
situation:
I'm running two Asterisk servers between two sites. They use DUNDi to route
calls between the two servers so there is no dialplan to route calls between
the two. Firewalls have been configured to allow SIP clients to connect from
the Internet. I'd like to change my sip.conf to allowguest=no without having
to recreate dialplans between the two. How is this accomplished? I can't
seem to find much on using allowguest=no in sip.conf.
Thanks in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://lists.digium.com/pipermail/asterisk-users/attachments/20090224/4b7a5b16/attachment.htm