Hi,
I understand that ser script should always proxy-challenge for INVITE method to prevent maliciously using other's identity. Cisco 7960 only support www authenticate but not proxy authenticate. What's the best way to prevent any malicious use of the service?
Thanks, Richard
__________________________________ Do you Yahoo!? Win a $20,000 Career Makeover at Yahoo! HotJobs http://hotjobs.sweepstakes.yahoo.com/careermakeover
Hi,
On Sunday 09 May 2004 12:39, Richard wrote:
I understand that ser script should always proxy-challenge for INVITE method to prevent maliciously using other's identity. Cisco 7960 only support www authenticate but not proxy authenticate. What's the best way to prevent any malicious use of the service?
use www_challenge instead of proxy_challenge? Or trash phones which are not RFC compliant ;-)
Greetings Nils
On 09-05 03:39, Richard wrote:
Hi,
I understand that ser script should always proxy-challenge for INVITE method to prevent maliciously using other's identity. Cisco 7960 only support www authenticate but not proxy authenticate. What's the best way to prevent any malicious use of the service?
I am pretty sure that 7690 supports that -- I am using the phone myself and have proxy_challenge enabled.
Jan.
What version are you using?
I have the latest version 6.1. I tried it myself and you can see from the link. It only supports www authenticate, but not proxy authenticate.
http://www.cisco.com/en/US/products/sw/voicesw/ps2156/products_administratio...
--- Jan Janak jan@iptel.org wrote:
On 09-05 03:39, Richard wrote:
Hi,
I understand that ser script should always proxy-challenge for INVITE method to prevent maliciously using other's identity. Cisco 7960
only
support www authenticate but not proxy
authenticate.
What's the best way to prevent any malicious use
of
the service?
I am pretty sure that 7690 supports that -- I am using the phone myself and have proxy_challenge enabled.
Jan.
__________________________________ Do you Yahoo!? Win a $20,000 Career Makeover at Yahoo! HotJobs http://hotjobs.sweepstakes.yahoo.com/careermakeover
If you take a look at the supported replies and supported header fields you will recognize that the phone supports proxy and www authentication (401 and 407, WWW-Authenticate and Authorization, Proxy-Authenticate and Proxy-Authorization). I do not know what Cisco refers as "Proxy Authentication", but i guess it means proxy-to-proxy authentication, which is not applicable to end-devices any way.
Regards Nils
On Sunday 09 May 2004 22:17, Richard wrote:
What version are you using?
I have the latest version 6.1. I tried it myself and you can see from the link. It only supports www authenticate, but not proxy authenticate.
http://www.cisco.com/en/US/products/sw/voicesw/ps2156/products_administrati on_guide_chapter09186a00801d1974.html#1014765
--- Jan Janak jan@iptel.org wrote:
On 09-05 03:39, Richard wrote:
Hi,
I understand that ser script should always proxy-challenge for INVITE method to prevent maliciously using other's identity. Cisco 7960
only
support www authenticate but not proxy
authenticate.
What's the best way to prevent any malicious use
of
the service?
I am pretty sure that 7690 supports that -- I am using the phone myself and have proxy_challenge enabled.
Jan.
Do you Yahoo!? Win a $20,000 Career Makeover at Yahoo! HotJobs http://hotjobs.sweepstakes.yahoo.com/careermakeover
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Hi Nils, Jan,
Thanks for pointing it out. Let me check the script. It must be mistaken.
Best regards, Richard
--- Nils Ohlmeier nils@iptel.org wrote:
If you take a look at the supported replies and supported header fields you will recognize that the phone supports proxy and www authentication (401 and 407, WWW-Authenticate and Authorization, Proxy-Authenticate and Proxy-Authorization). I do not know what Cisco refers as "Proxy Authentication", but i guess it means proxy-to-proxy authentication, which is not applicable to end-devices any way.
Regards Nils
On Sunday 09 May 2004 22:17, Richard wrote:
What version are you using?
I have the latest version 6.1. I tried it myself
and
you can see from the link. It only supports www authenticate, but not proxy authenticate.
http://www.cisco.com/en/US/products/sw/voicesw/ps2156/products_administrati
on_guide_chapter09186a00801d1974.html#1014765
--- Jan Janak jan@iptel.org wrote:
On 09-05 03:39, Richard wrote:
Hi,
I understand that ser script should always proxy-challenge for INVITE method to prevent maliciously using other's identity. Cisco 7960
only
support www authenticate but not proxy
authenticate.
What's the best way to prevent any malicious
use
of
the service?
I am pretty sure that 7690 supports that -- I
am
using the phone myself and have proxy_challenge enabled.
Jan.
Do you Yahoo!? Win a $20,000 Career Makeover at Yahoo! HotJobs
http://hotjobs.sweepstakes.yahoo.com/careermakeover
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
__________________________________ Do you Yahoo!? Win a $20,000 Career Makeover at Yahoo! HotJobs http://hotjobs.sweepstakes.yahoo.com/careermakeover
Richard writes:
I have the latest version 6.1. I tried it myself and you can see from the link. It only supports www authenticate, but not proxy authenticate.
http://www.cisco.com/en/US/products/sw/voicesw/ps2156/products_administratio...
the table must be screwed up. my 7960 has always been able to respond correctly to both 401 and 407. i can't believe that they would have removed support for either in later releases.
-- juha
Yea, my script was not right...
7960 supports both www and proxy authenticate.
--- Juha Heinanen jh@tutpro.com wrote:
Richard writes:
I have the latest version 6.1. I tried it myself
and
you can see from the link. It only supports www authenticate, but not proxy authenticate.
http://www.cisco.com/en/US/products/sw/voicesw/ps2156/products_administratio...
the table must be screwed up. my 7960 has always been able to respond correctly to both 401 and 407. i can't believe that they would have removed support for either in later releases.
-- juha
__________________________________ Do you Yahoo!? Win a $20,000 Career Makeover at Yahoo! HotJobs http://hotjobs.sweepstakes.yahoo.com/careermakeover
* Jan Janak jan@iptel.org [040509 19:09]:
On 09-05 03:39, Richard wrote:
Hi,
I understand that ser script should always proxy-challenge for INVITE method to prevent maliciously using other's identity. Cisco 7960 only support www authenticate but not proxy authenticate. What's the best way to prevent any malicious use of the service?
I am pretty sure that 7690 supports that -- I am using the phone myself and have proxy_challenge enabled.
It works with both proxy and www as far as I know.. I'v atleast used it with both.
-Atle
-
Atle Samuelsen -
Jan Janak -
Juha Heinanen -
Nils Ohlmeier -
Richard