I just read this article about an Asterisk server that got hacked to
make free international calls through an ITSP:
I have a couple of questions:
1. Am I correct in understanding that SIP ALG on a router makes it
easier to host an Asterisk server on a private LAN behind a NAT router
(no need to map ports for RTP + outgoing packets can be sent directly
to the remote SIP client instead of going through the Asterisk server
to rewrite the RTP port numbers)?
2. If “allowguest=no” is commented out, it means that any SIP client
on the Net can connect to the Asterisk server and make outgoing calls
like legitimate SIP clients?