Sip security


I have been reading about firewall traversal in SIP and I understand that the rtp audio traffic goes across a range of ports rather than a specific field (which is determined when the call is set up).

I have been told that to stop one-way audio with SIP, you need to open these range of ports - rtp.conf in asterisk states by default a range of 10,000 to 20,000.

Does this not represent a huge security risk and is there any other way to solve this.

Can anyone enlighten me?

Many Thanks