System information

ManualsBrandsATech Machine ManualsComputer equipmentLIBRA-02 M

671

672

673

674

675

676

677

678

679

680

Your service provider will have a definition in either its sip.conf or iax.conf configuration

file (depending on whether you are connecting with the SIP or IAX protocol, respec-

tively) for your Asterisk server. If you only receive calls from this provider, you will

define it as a user (if it is another Asterisk system, you might be defined in its system

as a peer).

Now let’s say that your box is on your home Internet connection, with a dynamic IP

address. Your service provider has a static IP address (or perhaps a fully qualified do-

main name), which you place in your configuration file. Since you have a dynamic

address, your service provider specifies host=dynamic in its configuration file. In order

to know where to route your +1-800-555-1212 call, your service provider needs to know

where you are located in relation to the Internet. This is where the register statement

comes into use.

The register statement is a way of authenticating and telling your peer where you are.

In the [general] section of your configuration file, you place a statement similar to this:

You can verify a successful registration with the use of the iax2 show registry and sip

show registry commands at the Asterisk console.

VoIP Security

We can barely scratch the surface of the complex matter of VoIP security in this ap-

pendix; therefore, before we dig in, we want to steer you in the direction of the VoIP

Security Alliance (http://www.voipsa.org). This fantastic resource contains an excellent

mailing list, white papers, howtos, and a general compendium of all matters relating

to VoIP security. Just as email has been abused by the selfish and criminal, so too will

voice. The fine folks at VoIPSA are doing what they can to ensure that we address these

challenges now, before they become an epidemic. In the realm of books on the subject,

we recommend the most excellent Hacking Exposed VoIP by David Endler and Mark

Collier (McGraw-Hill Osborne Media). If you are responsible for deploying any VoIP

system, you need to be aware of this stuff.

Spam over Internet Telephony (SPIT)

We don’t want to think about this, but we know it’s coming. The simple fact is that

there are people in this world who lack certain social skills, and that coupled with a

kind of mindless greed, means that these folks think nothing of flooding the Internet

with massive volumes of email. These same types of characters will think little of doing

the same with voice. We already know what it’s like to get inundated with telemarketing

calls; try to imagine what might happen when those telemarketers realize they can send

voice spam at almost no cost. Regulation has not stopped email spam, and it will prob-

ably not stop voice spam, so it will be up to us to prevent it.

636 | Appendix B: Protocols for VoIP

Downloa d f r o m W o w ! e B o o k < w w w.woweb o o k . c o m >