25 Apr
2008
25 Apr
'08
4:14 p.m.
Hi Adrian,
The MediaProxy 2.0 supports the change of NAT IP in an established call?.
Regards,
Gonzalo.
Hi Gonzalo,
The current mediaproxy will be replaced by MediaProxy 2.0 that
addresses this issues.
Regards,
Adrian
On Apr 24, 2008, at 8:58 PM, Gonzalo J. Sambucaro wrote:
--
Gonzalo J. Sambucaro
Ingeniería de Software
Tel: +54-341-4230504
MSLC
gonzalo.sambucaro(a)mslc.com.ar
www.mslc.com.ar
Ocampo y Esmeralda - Vivero de Empresas de Base Tecnológica
Ciudad Universitaria Rosario UNR, CCT CONICET
Rosario - Santa Fé - Argentina
Hi,
By the timeout implementation in now more secure the support of
the NAT
IP change. To change the Caller/Called address the mediaproxy waits
for
two seconds that the Caller/Called doesn't send any rtp/rtcp packet
and
checking the SSRC. This change was tested and in production working
well.
Also I found a bug in the asymmetric RTP UA support. This file
contains
the fix of the bug, the solution to the bug is very simple. How can
I do
to report the bug and the solution?
Regards
"Gonzalo J. Sambucaro"
<gonzalo.sambucaro(a)mslc.com.ar> writes:
--
Gonzalo J. Sambucaro
Ingeniería de Software
Tel: +54-341-4230504
MSLC
gonzalo.sambucaro(a)mslc.com.ar
www.mslc.com.ar
Ocampo y Esmeralda - Vivero de Empresas de Base Tecnológica
Ciudad Universitaria Rosario UNR, CCT CONICET
Rosario - Santa Fé -
Argentina<rtphandler.py.tgz>__________________________________________
_____
Devel mailing list
Devel(a)lists.openser.org
http://lists.openser.org/cgi-bin/mailman/listinfo/devel [...]
1) When the first rtp packet of a source arrives, save the SSRC
field in
the MP.
- Save the SSRC of the caller.
- Save the SSRC of the called.
2) If arrives a rtp packet with unknown source IP but with the
same SSRC
field of some of the two streams, updates the binding (with the
new IP
detected) between the caller and the MP or between the called and
the MP
according to the field SSRC previously saved.
An attacker would have to guess/sniff the SSRC and then could take
over
the rtp session? (maybe could be fixed by only allowing to take over
after some timeout)
On the other hand if he can sniff ...