That has changed greatly since 2005. On August 8, 2018 2:07:50 PM EDT, Carlos Alvarez <caalva...@gmail.com> wrote: >That's a change I've never investigated. Or more precisely, haven't >investigated since the days when the advice for doing it was "good >luck!!" > > >On Wed, Aug 8, 2018 at 11:00 AM Alex Balashov ><abalas...@evaristesys.com> >wrote: > >> I would have to agree with Calvin. Just use TCP. >> >> On August 8, 2018 1:58:47 PM EDT, Calvin Ellison ><calvin.elli...@voxox.com> >> wrote: >> >Using TCP or TLS would avoid open NAT issue, and can cure some >naughty >> >SIP >> >ALG issues as well, assuming you want to tolerate the overhead. >> > >> >For UDP, we've used both Digest and Source request validation with >> >Polycom >> >devices. Source validation is probably the easiest route, assuming >the >> >UA >> >doesn't need to receive calls from anyone but its proxy or >registrar. >> >Digest (nonce challenge) is better if you want to accept calls from >> >anyone >> >who knows your password, but we had an issue with a softswitch that >> >would >> >properly handle auth channel to INVITE but choked when a BYE was >> >challenged. >> > >> > >> > >> > >> >Regards, >> > >> >*Calvin Ellison* >> >Voice Operations Engineer >> >calvin.elli...@voxox.com >> >+1 (213) 285-0555 >> > >> >----------------------------------------------- >> >*voxox.com <http://www.voxox.com/> * >> >5825 Oberlin Drive, Suite 5 >> >San Diego, CA 92121 >> >[image: Voxox] >> > >> >On Wed, Aug 8, 2018 at 10:43 AM, Carlos Alvarez ><caalva...@gmail.com> >> >wrote: >> > >> >> Do most of you have the phones authenticate incoming calls? We >> >haven't >> >> been, but occasionally find a router that has unfiltered full cone >> >NAT >> >> (Cisco) or that puts one phone on 5060 with no filtering by IP. >The >> >result >> >> is that the phone will start ringing at random as script kiddies >hit >> >the IP >> >> and port 5060 trying to find servers to exploit. I don't see a >> >downside to >> >> changing to auth, but not having done it outside of a few tests of >a >> >small >> >> number of phones, I figured I would ask. >> >> >> >> >> >> _______________________________________________ >> >> VoiceOps mailing list >> >> VoiceOps@voiceops.org >> >> https://puck.nether.net/mailman/listinfo/voiceops >> >> >> >> >> >> >> -- Alex >> >> -- >> Sent via mobile, please forgive typos and brevity. >> _______________________________________________ >> VoiceOps mailing list >> VoiceOps@voiceops.org >> https://puck.nether.net/mailman/listinfo/voiceops >>
-- Alex -- Sent via mobile, please forgive typos and brevity. _______________________________________________ VoiceOps mailing list VoiceOps@voiceops.org https://puck.nether.net/mailman/listinfo/voiceops