[Serusers] SER Denial Of Service Attack Question

Nils Ohlmeier lists at ohlmeier.org
Tue Feb 15 22:03:16 CET 2005


Hi,

On Tuesday 15 February 2005 20:13, Java Rockx wrote:
> Hi All.
>
> I see this line in config.h
>
> #define MIN_UDP_PACKET        32
>
>
> Does this mean that ser happily drops all UDP traffic with a size less than
> 32?
>
> If so, it would seem that SER proxies on the internet have an exposure
> to DoS attacks because someone could set 16-byte UDP packets to ser
> and therefore cause problems.
>
> Is this correct?

Counter question: what would happen if SER would parse the 16-byte UDP
packets instead of dropping them?
=> It gets even worse.
(Note I do NOT know if packets below that size are dropped.)
I guess you are not able to build a valid SIP request or reply with less than
32 bytes. So I assume that this limit is just a protection e.g. against
clients which do the NAT ping (empty UDP packet) in the direction from client
to the server.

Greetings
  Nils
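
The size gate discussed in this message, as an added C sketch that is not SER's code and not part of the original post: only `MIN_UDP_PACKET` and its value 32 come from the quoted config.h line. The function name, the counters, the CR/LF keepalive classification and the sample datagrams are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MIN_UDP_PACKET 32  /* name and value as quoted from config.h in the post */

enum verdict { DROP_KEEPALIVE, DROP_SHORT, PASS_TO_PARSER };

/* Hypothetical counters: lets an operator tell NAT pings from other short junk. */
struct rx_stats { unsigned long keepalives, short_junk, parsed; };

/* Constructed sample: terse OPTIONS request with the six header fields RFC 3261
 * requires in every request (Via, To, From, Call-ID, CSeq, Max-Forwards). */
static const char sample_request[] =
    "OPTIONS sip:b SIP/2.0\r\n"
    "v:SIP/2.0/UDP h;branch=z9hG4bK1\r\n"
    "t:<sip:b>\r\n"
    "f:<sip:a>;tag=1\r\n"
    "i:1\r\n"
    "CSeq:1 OPTIONS\r\n"
    "Max-Forwards:70\r\n"
    "\r\n";

/* Hypothetical gate run before any SIP parsing. Cost for a short datagram is
 * bounded by MIN_UDP_PACKET - 1 byte comparisons; nothing is allocated. */
static enum verdict gate_datagram(const char *buf, size_t len, struct rx_stats *st)
{
    size_t i;
    if (len >= MIN_UDP_PACKET) {
        st->parsed++;
        return PASS_TO_PARSER;      /* a real proxy would call its parser here */
    }
    for (i = 0; i < len; i++) {
        if (buf[i] != '\r' && buf[i] != '\n') {
            st->short_junk++;
            return DROP_SHORT;      /* e.g. the 16-byte packets from the question */
        }
    }
    st->keepalives++;               /* empty or CR/LF-only: NAT ping */
    return DROP_KEEPALIVE;
}

int main(void)
{
    struct rx_stats st = {0, 0, 0};
    gate_datagram("", 0, &st);
    gate_datagram("\r\n\r\n", 4, &st);
    gate_datagram("AAAAAAAAAAAAAAAA", 16, &st);
    gate_datagram(sample_request, strlen(sample_request), &st);
    printf("keepalives=%lu short_junk=%lu parsed=%lu\n", st.keepalives, st.short_junk, st.parsed);
    return 0;
}
```

Keeping separate counters for keepalives and other short datagrams gives a rate to alert on if short non-keepalive traffic spikes.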
