[Kamailio-Devel] [ openser-Feature Requests-2726791 ] check r-r header of reply
alex at speakup.nl
Thu Apr 2 16:43:32 CEST 2009
On Thursday 02 April 2009, SourceForge.net wrote:
> for security reasons, it should be possible to make kamailio to check, if
> r-r uris of reply match those of request. if check is not done, uac is
> vulnerable to proxy by-pass attack and nasty things may happen.
That doesn't help very much. This will only detect a malicious UAS, but it
doesn't do anything to prevent it from bypassing the proxy. If the UAC (or
UAS) is malicious, it can skip whatever RR-headers it wants.
More information about the Devel