Dan-Cristian Bogos wrote:
> Hi Iņaki,
>
> I would blame the ua sending the false BYE. Usually the BYE packets
> must be authenticated, therefore coming from a trusted source.
>
> DanB
>
> On Feb 8, 2008 5:17 PM, Iņaki Baz Castillo <
ibc@in.ilimit.es > <mailto:
ibc@in.ilimit.es>> wrote:
>
> Hi, I use radius accounting with MySQL backend and MediaProxy (to
> make fix
> accounting when there is no BYE).
>
> Imagine this scenario:
>
> - A calls B. This produces a "Start" acc action, so a SQL INSERT.
>
> - After 1 minute A crashes (no BYE sent and RTP stop).
>
> - After 20 secs with no RTP MediaProxy sends an "Update" action to
> radius
> server. This generates a SQL UPDATE that sets the StopTime. So
> finally the
> call duration is 80 secs (OK).
>
> - But now imagine that user B sends a BYE after 2 hours using the
> same From&To
> tags and Call-ID. This is terrible!!! OpenSer will notify a
> "Stop" action to
> radius server which will do a new SQL UPDATE query setting the
> StopTime to
> 7201 secs !!!!
>
> How to avoid it? how to avoid anyone sending a malicious BYE with
> From&To tags
> and Call-ID from any other already ended call?
>
> --
> Iņaki Baz Castillo