From cca751350a64d22ec2d44b535f4821c8c3a5d9e1 Mon Sep 17 00:00:00 2001 From: Olle Johansson Date: Thu, 12 Nov 2009 10:22:30 +0000 Subject: Clarify some security issues early in the sample configuration git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@229606 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- configs/sip.conf.sample | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'configs/sip.conf.sample') diff --git a/configs/sip.conf.sample b/configs/sip.conf.sample index 130f369ce..18a6602bc 100644 --- a/configs/sip.conf.sample +++ b/configs/sip.conf.sample @@ -1,6 +1,18 @@ ; ; SIP Configuration example for Asterisk ; +; Note: Please read the security documentation for Asterisk in order to +; understand the risks of installing Asterisk with the sample +; configuration. If your Asterisk is installed on a public +; IP address connected to the Internet, you will want to learn +; about the various security settings BEFORE you start +; Asterisk. +; Specially note the following settings: +; - Allowguest (default enabled) +; - Permit/deny - IP address filters +; - Contactpermit/contactdeny - IP address filters for registrations +; - Context - Which set of services you offer various users +; ; SIP dial strings ;----------------------------------------------------------- ; In the dialplan (extensions.conf) you can use several @@ -87,6 +99,10 @@ [general] context=default ; Default context for incoming calls ;allowguest=no ; Allow or reject guest calls (default is yes) + ; If your Asterisk is connected to the Internet + ; and you have allowguest=yes + ; you want to check which services you offer everyone + ; out there, by enabling them in the default context (see below). ;match_auth_username=yes ; if available, match user entry using the ; 'username' field from the authentication line ; instead of the From: field. -- cgit v1.2.3