Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

VoIP Security: Difference between revisions

m
m (clean up, typos fixed: ie → i.e. , eg, → e.g.,)
 
(6 intermediate revisions by 2 users not shown)
See: [[VoIP Call Rate Limits]]
 
== IP AllowAccess List (restrict access by IP) ==
 
IP LockdownAccess List - a VoIP number can be given an IP address to which is only allowed to register (i.e. you can add the IP of your phone, and only that phone will be able to register)
 
On the Voiceless platform youYou can specify the IP as a subnet in CIDR format, e.g. 192.0.2.0/29, and multiple IPs can be comma separated.
[[File:ControlPages-VoIP-IPLockdown.png|none|frame|IP Lockdown, comma separated etc.]]
 
On the Voiceless platform you can specify the IP as a subnet in CIDR format, e.g. 192.0.2.0/29, and multiple IPs can be comma separated.
 
Valid examples:
The system can send advisory messages when a billing amount is reached. This is set per number on the [[:Category:Control Pages|Control Pages]]. The email set for the Number and for the Login is used.
During the month, each time the amount is reached an email will be sent. At the end of the month the amount is reset.
This feature was added in October 2011, the default warning level is £10, and for numbers whowhich used over £10 in September the rate was set to 1.2 times SeptembersSeptember's bill amount.
 
== IP and User Agent Warning Emails ==
 
==Snom Phones==
Snom has a page about securing their devices on their wiki: httphttps://wikiservice.snom.com/FAQdisplay/wiki/How_do_I_secure_my_phoneHow+do+I+secure+my+Snom+phone
 
=Odd incoming calls that are not on the CDRs?=
Solution: Firewall SIP as explained above.
 
Also some equipment may support the disabling of calls being sent direct from the Internet. For example, Grandstream firmware often has a feature ''Allow Incoming SIP Messages from SIP Proxy Only'', which is worth using (unless you need to accept such calls).
 
Your equipment may also support a feature whereby incoming INVITE messages are only accepted if they use the User ID which you used when registering with the SIP server, maybe named ''Check SIP User ID for incoming INVITE''. The SIP server will know this User ID, random SIP spammers will not. This User ID is ''not'' the Authentication Username (e.g. +442083xxxxxx), but what is often termed ''Username'' in equipment configuration (where you can set a Username and a Real Name, e.g. ''fred'' and ''Fred Bloggs'') which is used in SIP calls.
 
[[File:aa-button.png|link=http://aa.net.uk/telecoms.html|Telecoms page on our main website]]
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,341

edits