Chris Maciejewski schrieb: > Hi Klaus, > > 2008/8/11 Klaus Darilion <[EMAIL PROTECTED]>: > [...] >> SIP and RTP ports should be dynamic for security reasons. > > Could you please explain what kind of security does assigning random > (dynamic) port to SIP UAS give?
Have you ever used sipvicious? It scans random IPs for port 5060 - you get rather fast lots of SIP clients which you can target to attack. Of course you could also scan other ports than 5060 but this takes 2^15 times more. > >> Actually if all SIP user agents would be standard conform then even the >> proxies need not to use port 5060 (SRV lookups). > > Well, in my opinion we should try to make Qutecom as close to the > standards defined in RFC 3261 (and others) as possible. And IANA > assigned port for SIP is 5060 (5061 TLS) Using a random port for SIP is 100% standard conform. The assigned port is the one which is used if the port is not specified in the URI. regards klaus _______________________________________________ QuteCom-dev mailing list [email protected] http://lists.qutecom.org/mailman/listinfo/qutecom-dev
