[122091] in North American Network Operators' Group
How common are wide open SIP gateways?
daemon@ATHENA.MIT.EDU (Drew Weaver)
Fri Feb 5 12:33:52 2010
From: Drew Weaver <drew.weaver@thenap.com>
To: "nanog@nanog.org" <nanog@nanog.org>
Date: Fri, 5 Feb 2010 12:33:21 -0500
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Heya,
Has anyone done any research or have any anecdotal numbers related to how =
common it is to have a SIP gateway sitting out on the Internet with no ACL =
or authentication? Recently we have noticed a couple of instances where we =
get abuse complaints from companies who claim that one of our hosting clien=
ts 'stole SIP service' from them. This reminds me somewhat of the 'SMTP ope=
n relay' days. We obviously take action and shut the offending user down bu=
t I can't help but wonder how common this practice is. Usually I just ask t=
he company why their system allows anyone to use their SIP gateway and they=
usually say something like "We can't predict what IP our users will come i=
n from... etc"
I am just wondering if anyone else has noticed this trend.
-Drew
