3 May
2005
3 May
'05
5:31 p.m.
Fair enough, but then what do you do against fake BYE messages? If you do not authenticate
them somehow, anybody could sniff the INV message (and OK/ACK), take the needed fields,
and tear down the session.
Of course, even if you protect against fake BYEs, there is still CANCEL messages, which
according to the RFC cannot be challenged at all ... so maybe just drop them all?
I am just thinking outloud on how to harden a sip system ...
Cesc
>> Juha Heinanen <jh(a)tutpro.com> 05/03/05
04:07PM >>>
Cesc Santasusana writes:
For example, Kphone can resend an INV if challenged
which contains
the auth-data. On the other hand, if a kphone is the receiver of the
INV, and it hangs up, kphone generates a BYE message which does NOT
contain auth-data. Thus, ser will challlenge the kphone back, kphone
will reply with a CANCEL and resend the BYE without (again) the
auth-data, entering an endless loop. Ain't it funny?
bye is not initial request, but in-dialog request. it doesn't make
sense to authenticate them, because you may not even know if the sender
of bye is your local user or not.
for initial requests you always know this and thus can authenticate
them.
-- juha
Unclassified
7149
days inactive
7149
days old
0 comments
1 participants
participants (1)
-
Cesc Santasusana