Jeremy Hall wrote:
If by authentication by mobile number you mean the caller ID received, that is not secure at all. CallerID is very easy to spoof when you have a digital line (certain types, of course.) For example, when I call out from my Asterisk box, if I prefix the number with 9, it sends my correct CallerID information. If I prefix the number with 8, it sends the number I am calling as the CID. I can just as easily set that to show random numbers, or a mobile number I know will give me pre-paid minutes on XYZ company's long distance account.
Is it really possible to spoof the CID? Shouldn't the PSTN provider (the company which gave you the E1 link) verfiy that the CID you're sending into the PSTN is correct (i.e. is in your number range), and put in a correct one if it's false?
I think that's the way it should be in Austria.
regards, klaus _______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users