Stefan Sayer wrote:
Andres wrote:
Stefan Sayer wrote:
Andres wrote:
It immediately jumped into my mind that this could be a security vulnerability since a remote attacker could effectively bring down all sessions on an rtpproxy just by doing a UDP scan.
...wouldn't they switch back to the correct addresses when the next RTP packet arrives, i.e. after 10/20/30 ms?
No it does not. I tried it. RTPProxy only switches addresses once. Although it is trivial to edit the source code and allow rtpproxy to always listen and adjust to IP Address changes during the entire call.
sorry, I was not precise:
so would the more secure fix maybe be to always allow a switch back to the original address?
... to the original address only?
so that a switch to an address away from the original address would be possible exactly once, but switching back to original address always.
Sure, that sounds good and more secure too. Maybe Maxim can chime in with his thoughts.
Andres http://www.neuroredes.com
this would also work with your D-Link modems.
Stefan