[Serusers] authenticating BYE messages
Juha Heinanen
jh at tutpro.com
Tue Mar 30 07:58:11 CEST 2004
Ticknor.Scott at ic.gc.ca writes:
> my lab partner & i have found that if we sniff an ACK message during call
> setup and extract the call tag and id, then we can arbitrarily hang up the
> call from our java attack generator. i thought about adding some logic to
> ser.cfg to process BYEs. is there an easy way to authenticate the
> BYE?
there is no way to authenticate bye if it is initiated by the party that
is not local to the proxy.
-- juha
More information about the sr-users
mailing list