Hi All.
I see this line in config.h
#define MIN_UDP_PACKET 32
Does this mean that ser happily drops all UDP traffic with a size less than 32?
If so, it would seem that SER proxies on the internet have an exposure to DoS attacks because someone could set 16-byte UDP packets to ser and therefore cause problems.
Is this correct?
Regards, Paul
Hi,
On Tuesday 15 February 2005 20:13, Java Rockx wrote:
Hi All.
I see this line in config.h
#define MIN_UDP_PACKET 32
Does this mean that ser happily drops all UDP traffic with a size less than 32?
If so, it would seem that SER proxies on the internet have an exposure to DoS attacks because someone could set 16-byte UDP packets to ser and therefore cause problems.
Is this correct?
counter question: what would happen if SER would parse the 16 bytes UDP packets instead of dropping them? => It get even worse. (Note I do NOT know if packets below that size are dropped.) I guess your are not able to build a valid SIP request or reply with less then 32 bytes. So I assume that this limit is just a protection e.g. against clients which do the NAT ping (empty UDP packet) in the direction from client to the server.
Greetings Nils
-
Java Rockx -
Nils Ohlmeier