For http and https, you need to know these port numbers when
you want to log in. We recommend not using the standard ports. Operat-
ing a server on the public internet usually leads to a lot of denial of service
attacks on the standard ports.
For sip, you must decide if you want to run the server on a stand-
ard port or a random port.
Standard Port
•
User Agents that don't
support DNS SRV can
automatically find the server
•
SIP-aware firewalls
automatically take care
about user agents behind
NAT
The decision depends on the situation. If you plan to use a good
SIP firewalls, you should choose the standard port. Otherwise we would
tend to recommend a random port. Non NAT-aware user agents usually
must be configured manually anyway; in this case you can also provide a
port number.
The port for secure sip (sips) is usually 5061. The decision what
port to use is similar to the decision for the SIP port. We recommend using
a random port and publish the port number using DNS SRV.
34 • Confi guration
[
4 S N A T F
S N O M
•
•
•
]
I L T E R
Random Port
Buggy SIP-aware firewalls
don't introduce new
problems by modifying SIP
packets
Less dangerous for DoS
attacks
Several SIP services can be
run on the same host