Where in sip.conf should this be set?

  1. Set “alwaysauthreject=yes” in your sip.conf file. This option has been around for a while (since 1.2?) but the default is “no”, which allows extension information leakage. Setting this to “yes” will reject bad authentication requests on valid usernames with the same rejection information as with invalid usernames, denying remote attackers the ability to detect existing extensions with brute-force guessing attacks.

I came just to start with Asterisk, and I want to know if it’s possible to implement Asterisk on openstacK.?

It has to be set in the general section. The default was changed to yes awhile ago, at least in 11 and up.

Many people are using Asterisk on Openstack. I’d suggest creating a new thread instead of hijacking this one though for future questions.

1 Like