Andres wrote:
It immediately jumped into my mind that this could be a security vulnerability since a remote attacker could effectively bring down all sessions on an rtpproxy just by doing a UDP scan.
...wouldn't they switch back to the correct addresses when the next RTP packet arrives, i.e. after 10/20/30 ms?
No, it does not. I tried it. RTPProxy only switches addresses once, although it is trivial to edit the source code and allow rtpproxy to always listen and adjust to IP address changes during the entire call.
so would the more secure fix maybe be to always allow a switch back to the original address?
 o streams with rtp from the original address would switch back the connection address
 o streams with rtp from different address would be vulnerable only for the very short period of call setup, before the first packet arrived (which makes the switch to the correct address)
Stefan
Andres http://www.neuroredes.com
Stefan
Serusers mailing list
Serusers@lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
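
Added example, not part of the original thread and not rtpproxy source code: a simplified C model of the two behaviours discussed above, the one-time address switch and the proposed "always allow a switch back to the original address". The policy names, function names and addresses are constructed for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Simplified model of per-stream address switching; NOT rtpproxy code. */
enum policy { LATCH_ONCE, SWITCH_BACK_TO_ORIGINAL };

struct stream {
    const char *original;  /* address signalled at call setup */
    const char *current;   /* address media is currently relayed to */
    bool latched;          /* the one-time switch has been used */
};

/* Returns true if the packet is accepted as coming from the peer. */
static bool on_packet(struct stream *s, const char *src, enum policy p)
{
    if (strcmp(src, s->current) == 0)
        return true;
    if (!s->latched) {              /* first packet from a new source wins */
        s->current = src;
        s->latched = true;
        return true;
    }
    if (p == SWITCH_BACK_TO_ORIGINAL && strcmp(src, s->original) == 0) {
        s->current = src;           /* proposed fix: original address reclaims */
        return true;
    }
    return false;                   /* any other source is ignored */
}

/* Constructed trace: the peer sends n packets from `peer`; one stray packet
 * from an unrelated source arrives just before the peer's third packet.
 * Returns how many of the peer's packets are accepted. */
static int peer_packets_accepted(enum policy p, const char *original,
                                 const char *peer, int n)
{
    struct stream s = { original, original, false };
    int ok = 0;
    for (int i = 0; i < n; i++) {
        if (i == 2)
            on_packet(&s, "198.51.100.7:5000", p);  /* constructed stray */
        ok += on_packet(&s, peer, p);
    }
    return ok;
}

int main(void)
{
    const char *sig = "192.0.2.10:40000", *nat = "203.0.113.5:61000";
    printf("latch once,  peer at signalled address: %d/10\n", peer_packets_accepted(LATCH_ONCE, sig, sig, 10));
    printf("switch back, peer at signalled address: %d/10\n", peer_packets_accepted(SWITCH_BACK_TO_ORIGINAL, sig, sig, 10));
    printf("switch back, peer behind NAT:           %d/10\n", peer_packets_accepted(SWITCH_BACK_TO_ORIGINAL, sig, nat, 10));
    return 0;
}
```

In this model a peer sending from the signalled address loses its stream after the stray packet under the one-time switch, but recovers on its next packet under the switch-back policy; a peer behind NAT is exposed only until its own first packet arrives.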