14 Jan
2009
14 Jan
'09
6:16 p.m.
Hello,
On 01/14/2009 05:49 PM, Victor Pascual Ávila wrote:
Hi,
excuse me if this message is not directly related to Kamailio.
such debates are welcome all the time.
I'm just wondering if folks could share with me if
(and how) they have
prevented the "SIP Digest Access Authentication RELAY" in their
networks (and what worked for them or not).
To be sure we talk about the same thing, is this the issue described at:
http://madynes.loria.fr/TeamMembers/Abdelnur/madynes-security-advisory-sip-…
Cheers,
Daniel
NAT boxes reduce dramatically the scenarios for a
successful attack.
Otherwise, some might be mitigating the attack by means of forcing UAs
to use outbound proxies while others might be reducing the attack
incentives by means of message integrity.
Any comment would be appreciated,
--
Daniel-Constantin Mierla
http://www.asipto.com