15 Feb
2005
15 Feb
'05
9:13 p.m.
Hi All.
I see this line in config.h
#define MIN_UDP_PACKET 32
Does this mean that ser happily drops all UDP traffic with a size less than 32?
If so, it would seem that SER proxies on the internet have an exposure
to DoS attacks because someone could set 16-byte UDP packets to ser
and therefore cause problems.
Is this correct?
Regards,
Paul
15 Feb
15 Feb
11:03 p.m.
Hi,
On Tuesday 15 February 2005 20:13, Java Rockx wrote:
Hi All.
I see this line in config.h
#define MIN_UDP_PACKET 32
Does this mean that ser happily drops all UDP traffic with a size less than
32?
If so, it would seem that SER proxies on the internet have an exposure
to DoS attacks because someone could set 16-byte UDP packets to ser
and therefore cause problems.
Is this correct?
counter question: what would happen if SER would parse the 16 bytes UDP
packets instead of dropping them?
=> It get even worse.
(Note I do NOT know if packets below that size are dropped.)
I guess your are not able to build a valid SIP request or reply with less then
32 bytes. So I assume that this limit is just a protection e.g. against
clients which do the NAT ping (empty UDP packet) in the direction from client
to the server.
Greetings
Nils
7221
days inactive
7221
days old
1 comments
2 participants
participants (2)
-
Java Rockx -
Nils Ohlmeier