Nick Hoffman wrote:
Hi guys. Say you have this setup, with an account for the caller on
both Asterisk and SER:
Caller -> SER -> Asterisk -> VoIP Provider -> Callee
If the caller were to spoof SER's IP address and place a call directly
to Asterisk (thus circumventing SER), what would happen?
If the call was in fact setup, obviously the caller would not receive
any audio from the callee. However, would the call be setup? When
Asterisk responds to the caller's request and sends SIP packets back
(to SER), would SER say "I don't know anything about this call!
Asterisk, kill this call please."?
Thanks for your input!
-- Nick
e: nick.hoffman@altcall.com
p: +61 7 5591 3588
f: +61 7 5591 6588
On Wed July 5 2006 17:58, "Greger V. Teigre" <greger@teigre.com> wrote:
Depends on the config and what type of message the caller managed to
make asterisk create... You could (and probably should) put asterisk on
a private routable network (i.e. NATed behind a firewall). The best
would be to put ser and asterisk on the same network and only allow
outside world to contact ser and let ser contact asterisk using the
private address of asterisk. Alternatively you could use tcp to
asterisk and stop udp traffic.
Why the caller wouldn't receive audio, I don't understand...
g-)
Hi Greger. SER and Asterisk can be configured to use TCP for SIP/SDP
messages?
The reason I said that the caller wouldn't receive audio is because the
callee's RTP stream would be directed to SER, not the caller.
-- Nick
e: nick.hoffman@altcall.com
p: +61 7 5591 3588
f: +61 7 5591 6588
If you receive this email by mistake, please notify us and do not make any
use of the email. We do not waive any privilege, confidentiality or
copyright associated with it.