Andres wrote:

It immediately jumped into my mind that this could be a security
vulnerability since a remote attacker could effectively bring down
all sessions on an rtpproxy just by doing a UDP scan.

...wouldn't they switch back to the correct addresses when the next
RTP packet arrives, i.e. after 10/20/30 ms?

No it does not. I tried it. RTPProxy only switches addresses once.
Although it is trivial to edit the source code and allow rtpproxy to
always listen and adjust to IP Address changes during the entire call.

so would the more secure fix maybe be to always allow a switch back to
the original address?

o streams with rtp from the original address would switch back the
  connection address
o streams with rtp from different address would be vulnerable only for
  the very short period of call setup, before the first packet arrived
  (which makes the switch to the correct address)

Stefan
Andres
http://www.neuroredes.com
Stefan
--
Stefan Sayer
VoIP Services
stefan.sayer(a)iptego.com
www.iptego.com
iptego GmbH
Am Borsigturm 40
13507 Berlin
Germany
Amtsgericht Charlottenburg, HRB 101010
Geschaeftsfuehrer: Alexander Hoffmann
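
The three address-update policies discussed in this thread, modelled as an added example (not rtpproxy source and not code from either poster). The stream model, the policy names and the integer stand-in addresses are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of one relayed stream; not rtpproxy source code. */
enum policy {
    LATCH_ONCE,        /* behaviour reported in the thread: one switch only */
    ALWAYS_FOLLOW,     /* the "trivial edit": follow every source change */
    ALLOW_SWITCH_BACK  /* proposal: one switch, plus return to original */
};

/* Constructed sample addresses (plain integers stand in for IP:port). */
enum { PEER = 1, STRAY = 2, PRIVATE = 3 };

/* Feed packet sources in arrival order; return where the relay ends up
 * sending media. `signaled` is the original address from call setup. */
uint32_t relay_target(enum policy p, uint32_t signaled,
                      const uint32_t *src, size_t n)
{
    uint32_t remote = signaled;
    bool switched = false;

    for (size_t i = 0; i < n; i++) {
        if (src[i] == remote)
            continue;                       /* nothing to update */
        if (p == ALWAYS_FOLLOW) {
            remote = src[i];
        } else if (p == ALLOW_SWITCH_BACK && src[i] == signaled) {
            remote = src[i];                /* return to original address */
        } else if (!switched) {
            remote = src[i];                /* the single permitted switch */
            switched = true;
        }                                   /* otherwise: packet ignored */
    }
    return remote;
}

int main(void)
{
    const uint32_t direct[] = { PEER, STRAY, PEER };   /* stray mid-call */
    const uint32_t early[]  = { STRAY, PEER, PEER };   /* stray during setup */
    static const char *name[] = { "latch-once", "always-follow", "switch-back" };

    for (int p = LATCH_ONCE; p <= ALLOW_SWITCH_BACK; p++)
        printf("%-13s direct=%u nat=%u nat-early=%u\n", name[p],
               (unsigned)relay_target(p, PEER, direct, 3),
               (unsigned)relay_target(p, PRIVATE, direct, 3),
               (unsigned)relay_target(p, PRIVATE, early, 3));
    return 0;
}
```

In the output, a result of 1 means media still reaches the real peer and 2 means the stream is left pointing at the stray source; the "nat-early" column is the call-setup window the last bullet describes.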