[Serusers] rtpproxy address filling
Stefan Sayer
stefan.sayer at iptego.com
Tue Apr 1 22:53:54 CEST 2008
Andres wrote:
> Stefan Sayer wrote:
>
>>
>>
>> Andres wrote:
>>
>>>>>
>>>>> It immediately jumped into my mind that this could be a security
>>>>> vulnerability since a remote attacker could effectively bring down
>>>>> all sessions on an rtpproxy just by doing a UDP scan.
>>>>
>>>> ...wouldn't they switch back to the correct addresses when the next
>>>> RTP packet arrives, i.e. after 10/20/30 ms?
>>>>
>>> No it does not. I tried it. RTPProxy only switches addresses once.
>>> Although it is trivial to edit the source code and allow rtpproxy to
>>> always listen and adjust to IP Address changes during the entire call.
>>
sorry, I was not precise:
>> so would the more secure fix maybe be to always allow a switch back to
>> the original address?
... to the original address only?
so that a switch to an address away from the original address would be
possible exactly once, but switching back to original address always.
this would also work with your D-Link modems.
Stefan
--
Stefan Sayer
VoIP Services
stefan.sayer at iptego.com
www.iptego.com
iptego GmbH
Am Borsigturm 40
13507 Berlin
Germany
Amtsgericht Charlottenburg, HRB 101010
Geschaeftsfuehrer: Alexander Hoffmann
More information about the sr-users
mailing list