Another reason to avoid SIP ALG if possible

Posted: 05/06/2023
by Liptonbrisk
https://www.snbforums.com/threads/vulne ... ost-657216
RMerlin wrote:
The NAT Slipstream attack is the one that uses ALG helpers to potentially compromise clients. I recommend making sure none of the settings on the NAT Passthrough page is set to "Enabled + NAT Helper"; they should be either "Enabled" or "Disabled". I haven't tested this, but I would expect that ensuring NAT helpers are disabled would be enough to prevent this attack vector.

Those ALGs are generally not needed by modern clients. For instance, I have both an ATA (for my home phone) and a direct IP phone (for work) here; both work fine without the need for an ALG helper.

Note that numerous browsers are now implementing mitigation methods by blocking certain ports used by these protocols.

RMerlin is the developer of Asuswrt-Merlin firmware. He is referring to settings in Merlin router firmware.

NAT slipstreaming involving ALGs, including SIP ALG, doesn't just apply to Asuswrt-Merlin, of course: https://samy.pl/slipstream/.
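
One way to check the result of the setting change discussed above, as an added example that is not part of the original post or of Asuswrt-Merlin: a shell function that lists netfilter ALG helper modules found in a `/proc/modules`-style listing. It assumes a Linux-based router that ships its ALGs as `nf_conntrack_*`/`nf_nat_*` kernel modules; the function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example, not firmware code. Lists netfilter ALG helper modules present
# in a /proc/modules-style listing. Assumption: the router is Linux-based and
# ships ALGs as nf_conntrack_*/nf_nat_* modules (rtsp is an out-of-tree module).

ALG_PATTERN='^nf_(conntrack|nat)_(sip|h323|ftp|tftp|pptp|irc|rtsp)$'

# Print the ALG helper modules named in the listing, one per line, sorted.
# $1: file in /proc/modules format (defaults to the live /proc/modules).
find_alg_helpers() {
    awk -v pat="$ALG_PATTERN" '$1 ~ pat { print $1 }' "${1:-/proc/modules}" | sort
}

# Exit status 0 if a SIP helper is present in the listing, 1 otherwise.
sip_alg_loaded() {
    find_alg_helpers "$1" | grep -Eq '^nf_(conntrack|nat)_sip$'
}

# Constructed sample listing (not captured from a real device).
write_sample() {
    cat > "$1" <<'EOF'
nf_nat_sip 16384 0 - Live 0x0000000000000000
nf_conntrack_sip 32768 1 nf_nat_sip, Live 0x0000000000000000
nf_nat 49152 1 nf_nat_sip, Live 0x0000000000000000
nf_conntrack 139264 3 nf_nat_sip,nf_conntrack_sip,nf_nat, Live 0x0000000000000000
xt_conntrack 16384 2 - Live 0x0000000000000000
EOF
}

# Demo on the constructed sample; call find_alg_helpers with no argument
# on the device itself to read the live /proc/modules.
sample=$(mktemp)
write_sample "$sample"
echo "ALG helper modules in sample listing:"
find_alg_helpers "$sample"
if sip_alg_loaded "$sample"; then
    echo "SIP ALG helper present: review the NAT helper setting"
fi
rm -f "$sample"
```

A module that appears in the listing is a prompt to review the router's NAT helper settings, not proof that the helper is attached to traffic.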