Security and random call on phone from Internet

suggestion
ip-communications

#1

I’ve put phone at home dsl network. (simple D-link router). Time by time random calls from Internet comes. After changing “Accept Incoming SIP from Proxy Only” to yes. Calls stopped. Is it possible to put ‘yes’ on ‘Accept Incoming SIP from Proxy Only’ by default. It is very unconvinent for users to hear calls from Internet sniffers all the time. Not all routers have good firewall.


#2

Are you just forwarding all port 5060 connections to your phone? If you’re registering with a SIP proxy, you don’t need to do that so long as you have a keep-alive timer set. This will eliminate all those calls since incoming 5060 connections will be dropped unless they’re related to the port your phone opened to register in the first place.


#3

You already found the right settings for that situation, so I don’t understand your question. The setting is not a “default” one but once set it won’t change back unless a “factory reset” is done, so you don’t have to worry about it again.


#4

Hi,

Thanks for the feedback. Since IP phones are typically deployed behind NAT router (and for good reason), we didn’t think it would be necessary to have that security feature enabled by default. Enabling the feature by default also poses a problem for users who use the direct IP calling feature or CTI applications to control the phone.

In addition to enabling “Accept Incoming SIP from Proxy Only,” we recommend to changing the SIP listening port of the phone to something other than 5060 (well known SIP port). It is also best to port forward the phone using a static NAT setup where the phone is assigned an internal static IP and that IP is mapped to an external public IP and port. This way, the NAT router can filter the communication that is allowed to reach the phone. Whitelist and blacklist can be setup accordingly.

Thanks