×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Jobs

SIP Trunk Security
3

SIP Trunk Security

SIP Trunk Security

3
(OP)
Hi all,

Many of you saw the thread I started on SIP trunk ghost calls. I had intended to build a firewall from a Raspberry Pi and place it in front of my BCM50, but the project turned out to be more complex than I thought in trying to program iptables firewall software. Since my project involved adding a second Ethernet port to the Pi I had to create a network bridge which seriously changed the way packets flow through the firewall. It sort of worked, but not nearly good enough. I shelved that idea for the time being and came up with another solution that has shielded my BCM50 from the SIP scanners, but also allows my SIP trunks to work behind NAT without having to use port forwarding. Attached is a Word document I wrote that details the process I went through.

Brian Cox
Georgia Telephone
http://Georgia-Telephone.com
http://www.linkedin.com/in/briancox1952

RE: SIP Trunk Security

Nice, have a star.

________________________________________

Add me to LinkedIN


=----(((((((((()----=
www.curlycord.com
Toronto, CAN

RE: SIP Trunk Security

(OP)
Thanks gents. This is a work in progress as the script kiddies are always looking for new methods in their quest for "free" phone calls. I believe the SIP providers need to take more responsibility for security than they do currently. I absolutely cringe at all the articles on SIP that advise people to forward port 5060 to their phone system.

Brian Cox
Georgia Telephone
http://Georgia-Telephone.com
http://www.linkedin.com/in/briancox1952

RE: SIP Trunk Security

Super! a star too.

RE: SIP Trunk Security

(OP)
I appreciate that. All is still quiet on my BCM50 since I figured out how to keep my system behind NAT and at the same time allow real calls to come through. I haven't had even one SIP scanner hit my system in almost 2 weeks. The firewall is doing its job.

Brian Cox
Georgia Telephone
http://Georgia-Telephone.com
http://www.linkedin.com/in/briancox1952

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close