Heya,
Has anyone done any research or have any anecdotal numbers related to
how common it is to have a SIP gateway sitting out on the Internet with no ACL
or authentication? Recently we have noticed a couple of instances where we get
abuse complaints from companies who claim that one of our hosting clients
'stole SIP service' from them. This reminds me somewhat of the 'SMTP open
relay' days. We obviously take action and shut the offending user down but I
can't help but wonder how common this practice is. Usually I just ask the
company why their system allows anyone to use their SIP gateway and they
usually say something like "We can't predict what IP our users will come in
from... etc"
I am just wondering if anyone else has noticed this trend.
-Drew
