[ S N O M 4 S N A T F I L T E R ]
For http and https, you need to know the port numbers when you want to log in. We recommend not using the standard ports. Operating a server on the public internet usually leads to a lot of denial of service at- tacks on the standard ports.
4.
For sip, you must decide if you want to run the server on a stand- ard port or a random port.
Standard Port | Random Port |
• User Agents that don’t | • Buggy |
support DNS SRV can | don’t introduce new |
automatically find the server | problems by modifying SIP |
• | packets |
automatically take care | • Less dangerous for DoS |
about user agents behind | attacks |
NAT | • Several SIP services can be |
| run on the same host |
The decision depends on the situation. If you plan to use a good SIP firewall, you should choose the standard port. Otherwise we would tend to recommend a random port. Non
The port for secure sip (sips) is usually 5061. The decision which port to use is similar to the decision for the SIP port. We recommend using a random port and publising the port number using DNS SRV.
In some situations when you have several IP addresses you want to limit the bindings to a specific IP address. You can do this by selecting the appropriate address from the pull down menu. If you choose „Default Address“, the server will bind to all available addresses. If you select „Public Address“, the server will select a public address; if you select „Pri- vate Address“, the server will select a private address.
32 • Configuration
