28 Jul
2004
28 Jul
'04
3 p.m.
hello,
is it possible to do source ip authentication besides normal
www_authorize() for every user account?. This, as i understand, should
prevent from intercepting credentials and later faking sip message to
bypass www_authorization ? Or maybe there are some other counter measures
against such fraud?
Does src_ip comes directly from ip layer? If so, i could probably use this
to check with some external database (ie. ser subscriber)?
Antanas
NTT