nanog mailing list archives
Re: How common are wide open SIP gateways?
From: Seth Mattinen <sethm () rollernet us>
Date: Fri, 05 Feb 2010 09:44:17 -0800
On 2/5/10 9:33 AM, Drew Weaver wrote:
Heya,
Has anyone done any research or have any anecdotal numbers related to how common it is to have a SIP gateway
sitting out on the Internet with no ACL or authentication? Recently we have noticed a couple of instances where we
get abuse complaints from companies who claim that one of our hosting clients 'stole SIP service' from them. This
reminds me somewhat of the 'SMTP open relay' days. We obviously take action and shut the offending user down but I
can't help but wonder how common this practice is. Usually I just ask the company why their system allows anyone to
use their SIP gateway and they usually say something like "We can't predict what IP our users will come in from...
etc"
I am just wondering if anyone else has noticed this trend.
While it's true you can't predict the source IP when you have remote users with dynamic IP (think SIP at home or softphone on the road), that's no reason to omot basic MD5 digest auth. ~Seth
Current thread:
- How common are wide open SIP gateways? Drew Weaver (Feb 05)
- Re: How common are wide open SIP gateways? Seth Mattinen (Feb 05)
- Re: How common are wide open SIP gateways? David Birnbaum (Feb 05)
- Re: How common are wide open SIP gateways? Brandon Ewing (Feb 05)
- Re: How common are wide open SIP gateways? David Birnbaum (Feb 05)
- RE: How common are wide open SIP gateways? Drew Weaver (Feb 05)
- Re: How common are wide open SIP gateways? Brandon Ewing (Feb 05)
- Re: How common are wide open SIP gateways? Scott Howard (Feb 05)
- Re: How common are wide open SIP gateways? John Todd (Feb 06)
- Re: How common are wide open SIP gateways? Jon Lewis (Feb 05)
- Re: How common are wide open SIP gateways? Chris Hills (Feb 05)
- Re: How common are wide open SIP gateways? Jonathan Thurman (Feb 05)