Hello Everyone, Just looking to secure our * box, and stumbled on the following "This advice may run counter to the majority of documentation, sample files and examples shown on the voip-info.org site and on Asterisk forums, but you?ll have to take my word for it ? using ?type=friend? is a big mistake! It will make your Asterisk server much more vulnerable because ?type=friend? actually causes two objects to be created ? a SIP peer and a SIP user. This gives the potential hacker two entrance doors into your PBX, one of which has comparatively weak security. The problem is that a ?user? is allowed to connect from any remote IP address, not just the address specified in the host parameter. Even if you want to allow connections from any address, it is much better to use ?host=dynamic? than to use ?type=friend?.", http://kb.smartvox.co.uk/asterisk/secure-asterisk-pbx-part-2/ Is this true? Before I update all my "type" to "peer", what are some of the things we needs to keep in mind when using friend vs. peer from a security standpoint? Thanks in Advance, Nick.