diff options
author | tilghman <tilghman@f38db490-d61c-443f-a65b-d21fe96a405b> | 2009-04-02 17:02:18 +0000 |
---|---|---|
committer | tilghman <tilghman@f38db490-d61c-443f-a65b-d21fe96a405b> | 2009-04-02 17:02:18 +0000 |
commit | d9f8f9e00f9162f6ca1af9cfc20041675d5cb2d1 (patch) | |
tree | dbf0683ea797890f66ba7cee9942e5b0dec7af8a /configs | |
parent | 91e89a27ce4c09efa2abbc86679eb8a33166b934 (diff) |
Fix for AST-2009-003
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@186056 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'configs')
-rw-r--r-- | configs/sip.conf.sample | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/configs/sip.conf.sample b/configs/sip.conf.sample index b16eed5e7..bf43687c7 100644 --- a/configs/sip.conf.sample +++ b/configs/sip.conf.sample @@ -108,10 +108,12 @@ srvlookup=yes ; Enable DNS SRV lookups on outbound calls ; Useful to limit subscriptions to local extensions ; Settable per peer/user also ;notifyringing = yes ; Notify subscriptions on RINGING state -;alwaysauthreject = yes ; When an incoming INVITE or REGISTER is to be rejected, - ; for any reason, always reject with '401 Unauthorized' - ; instead of letting the requester know whether there was - ; a matching user or peer for their request +;alwaysauthreject = yes ; When an incoming INVITE or REGISTER is to be rejected, + ; for any reason, always reject with an identical response + ; equivalent to valid username and invalid password/hash + ; instead of letting the requester know whether there was + ; a matching user or peer for their request. This reduces + ; the ability of an attacker to scan for valid SIP usernames. ; ; If regcontext is specified, Asterisk will dynamically create and destroy a ; NoOp priority 1 extension for a given peer who registers or unregisters with |