Jens, yes, if an attacker guess/sniff the SSRC then could take over the rtp session. A timeout would work fine but right now I don't have the time to do it, if somebody else wants to do it I can send the source code.
Regards, Gonzalo.
"Gonzalo J. Sambucaro" gonzalo.sambucaro@mslc.com.ar writes:
[...]
- When the first rtp packet of a source arrives, save the SSRC field in
the MP.
- Save the SSRC of the caller.
- Save the SSRC of the called.
- If arrives a rtp packet with unknown source IP but with the same SSRC
field of some of the two streams, updates the binding (with the new IP detected) between the caller and the MP or between the called and the MP according to the field SSRC previously saved.
An attacker would have to guess/sniff the SSRC and then could take over the rtp session? (maybe could be fixed by only allowing to take over after some timeout) On the other hand if he can sniff ...
Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users