VOIP.ms more secure

Dashrender

Just received this notice.

I'm not sure how this is more secure? I would assume you would have to know the password or be on forwarding through the listed registration IP to be able to use the sip trunk. How does limiting this to this specific IP or POP help? if you have the password, can't you just log in and change it to whatever you want?

JaredBusch

@Dashrender said in VOIP.ms more secure:

Just received this notice.

I'm not sure how this is more secure? I would assume you would have to know the password or be on forwarding through the listed registration IP to be able to use the sip trunk. How does limiting this to this specific IP or POP help? if you have the password, can't you just log in and change it to whatever you want?

Registered SIP trunking is not the recommended method by a lot of systems. Yeah, it makes magic with NAT most of the time, but still.

So by adding this, you can now securely use IP based trunking on VoIP.ms.

Skyetel

SIP Trunking by IP is so much better than registration, we don't even allow you to register.

About a year ago, a customer came to us from one of our competitors that used SIP Registration. A hacker broke into his PBX, and instead of relaying all the calls through his PBX like they normally do, they got his SIP Trunking username & password for his carrier. They then proceeded to register half a dozen systems and burned through tens of thousands of dollars before the carrier realized something was wrong. They then forced him to pay the bill (which is why he quickly looked to move away to us).

I can rant all day about the pitfalls of SIP Registration, but I shall refrain

scottalanmiller

@Skyetel said in VOIP.ms more secure:

SIP Trunking by IP is so much better than registration, we don't even allow you to register.

About a year ago, a customer came to us from one of our competitors that used SIP Registration. A hacker broke into his PBX, and instead of relaying all the calls through his PBX like they normally do, they got his SIP Trunking username & password for his carrier. They then proceeded to register half a dozen systems and burned through tens of thousands of dollars before the carrier realized something was wrong. They then forced him to pay the bill (which is why he quickly looked to move away to us).

I can rant all day about the pitfalls of SIP Registration, but I shall refrain

It would be fine if you use IP locking and registration. But registration alone, I agree.

JaredBusch

@Skyetel said in VOIP.ms more secure:

SIP Trunking by IP is so much better than registration, we don't even allow you to register.

About a year ago, a customer came to us from one of our competitors that used SIP Registration. A hacker broke into his PBX, and instead of relaying all the calls through his PBX like they normally do, they got his SIP Trunking username & password for his carrier. They then proceeded to register half a dozen systems and burned through tens of thousands of dollars before the carrier realized something was wrong. They then forced him to pay the bill (which is why he quickly looked to move away to us).

I can rant all day about the pitfalls of SIP Registration, but I shall refrain

Multiple failures in the scenario you listed. Anyone of those failures being not there would’ve made the entire thing not a problem.