similar to: SIP password encryption

On 10/28/2015 06:37 PM, Pete Mundy wrote: > Hi Motty, > > Isn't the whole point of the nonce in a SIP registration to ensure the > secret doesn't go on the wire in plain-text? Is this not enough, or > are you looking to hide the username too? > > (if so, fair 'nuf, just wondering why :) > > Pete > > Ps, if so then I think TLS is the missing part of

Hi All; When the endpoint register on Asterisk or initiate a call, so they exchange the sip username and password. What is the possibility that this will be capture by the hacker and how to avoid this problem? Regards Bilal

Having reconfigured Samba4 to use BIND as a DNS server to get dynamic DNS updates working, I'm still working to understand the system. The Windows client I'm testing only seems up update DNS if I run ipconfig /registerdns. It doesn't update DNS at startup or IP change OOTB. Is it expected that Windows clients run a startup script running ipconfig /registerdns or have dynamic updates

Hi, As stated on the Dovecot documentation, at rest encryption is possible [1]. However, these keys are present on the system itself and are unprotected. Therefore, if a system is compromised, the attacker has access to the encrypted mail and the keys. There is no security benefit in that situation, except for hoping that the attacker doesn't understand that this is happening and how.

I am going to change my Digest realm to match my DNS SVR record. I dug through the code in chan_sip.c and on line 2748 I found it hard coded <frown> : snprintf(tmp, sizeof(tmp), "Digest realm=\"asterisk\", nonce=\"%s\"", r\anddata); I'm going to change this to : snprintf(tmp, sizeof(tmp), "Digest realm=\"isdn.net\",

Dear All, Today I upgraded asterisk 1.6 to 1.8. As the result of this when peers trying to register to asterisk the system shows: NOTICE[24698]: chan_sip.c:23417 handle_request_register: Registration from '"50" <sip:50 at 192.168.1.109> <sip:50 at 192.168.1.109>' failed for ' 192.168.1.80:5062' - Wrong password even though on 1.6 everything was OK here is

I'm receiving the following error over and over, adnauseam: Oct 1 23:59:53 NOTICE[3194]: chan_sip.c:5890 check_auth: stale nonce received from 'CNAME-CID <sip:5551212@192.168.1.X>' Does anyone know what "stale nonce" is? Thanks! Paul Conn -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hi! Then I phone other phones with my Zyxel 2000W (WI-FI) it just hang up when I answer the phone I am ringing. It works fine if I call the 2000W from other phones. I have tried many sip settings. I use this now: [205] type=friend username=205 secret=passwd205 callerid="Zyxel" <205> host=dynamic context=local nat=yes canreinvite=no disallow=all allow=g729

Hi All; I am looking for a good Outbound Dialer and to be practical with possibility to do modification on it, the outbound dialer should send the calls to the agent when the agent is logged in as long the agent is belong to the queue (or let us say the skill group of this campaign). Any one can guide me? If I can build this using the AMI, so I appreciate if anyone did it before me so I can use

Now in my asterisk config files, there are lines like: secret=some_password_in_plain_text Is it possible to hide these plain text password? -- *Jian * -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20110214/7661ff8e/attachment.htm>

Hi folks, Since Docker can bind-mount every .ssh directory I am looking for some way to forbid unprotected private keys. AFAICS it is currently not possible on the sshd to verify that the peer's private key was protected by a passphrase. Can you confirm? Regards Harri

Hi all, Asterisk is great but I'm having issues with setting up realtime for our call center, which is needed for login integration with the rest of our applications (telephonists' web interface, etc.). I have reviewed a large number of previous posts to the mailing list and the voip-info wiki to no avail. Setup is as follows: Linux 2.6.23 (gentoo) / AMD Athlon(tm) 64 Processor 3000+ /

Hi guys, sorry to be iterating this on the list once more, but I'm not able to get this stuff to work as I'd expect. So far, I've always managed to keep it out of NAT environments :-> My home LAN is NATed by a simple Draytek router. In the home LAN is an ATA186 with SIP. On the internet (public) is an Asterisk server. I have nat=yes in the sip.conf and the connectmode is set

Hi I'm sorry. I mailed the same question again. because, it cannot be yet solved. any ideas with asterisk? [Aug 20 14:40:12] WARNING[29315]: chan_sip.c:11806 check_auth: username mismatch, have <aaaa>, digest has aaaa at 192.168.0.1[Aug 20 14:40:12] NOTICE[29315]: chan_sip.c:20479 handle_request_register: Registration from 'aaaa <sip:aaaa at 192.168.0.1>' failed for

Hi all, There is a parameter called "nonce" included in every register request that a UA sends to asterisk. I have read sip debug a lot and only found out that the "nonce" parameter value which is used in register request was generated by asterisk server in a previous sip response. As you can see in the sip debug (labled in red). <--- Transmitting (NAT) to

I just updated one of my stable asterisk systems to head to test it out.. and I'm receiving a interesting log message now in asterisk.. Aug 2 13:20:56 NOTICE[15382]: chan_sip.c:5617 check_auth: stale nonce received from '<sip:3034585725@voip.livewirenet.com;user=phone>' (one line per registration) I'm using an AudioCodes mp108.. it worked fine with the latest stable..

Hi, my dovecot installation works since months and clients authenticate using CRAM-MD5. But today I got the first chance to test an client that supports DIGEST-MD5 - and it doesn't work. Because of lack of other supporting clients and servers I'm now at the point I don't know which side is to blame. The error I get after the client answers the servers challenge is "-ERR

Hello list, this is the communication between an Aastra 5000 PBX and Asterisk, where the Aastra makes a call to Asterisk. For some reason, Asterisk responds with 401-Unauthorized and I don't know why. Calls go well with Panasonic PBX, Avaya PBX, Alcatel-Lucent PBX but NOT with this Aastra. A1.A1.A1.A1 = IP-address Asterisk PBX AS.AS.AS.AS = IP-address Aastra PBX Aastra PBX makes a call

Hello, I am searching for a solution to encrypt authentication from Asterisk server to clients. Searching srtp seem to encrypt traffic, I just want client authentication with encryption. Can someone point to the right direction? has anybody used ZRTP? experience with ZRTP? Thanks, _motty

I have 2 sip accounts setup - 200 and 202. If I do sip show peers I get: sip show peers Name/username Host Dyn Nat ACL Mask Port Status 202/202 192.168.0.6 D 255.255.255.255 5060 Unmonitored 201/201 (Unspecified) D 255.255.255.255 5060 Unmonitored 200/200 192.168.0.3 D 255.255.255.255 5060