[OpenSER-Users] How to avoid malicious BYE that update accounting "StopTime"?
Iñaki Baz Castillo
ibc at in.ilimit.es
Fri Feb 8 18:27:05 CET 2008
On Friday 08 February 2008 18:18:57 Sri Rao wrote:
> An already ended call will have no matching dialog/transaction existing in
> P1. So, "malicious" BYEs are treated as non-existent dialog/transactions. I
> doubt if it even makes it to the proxy core as it would be discared by the
> transaction layer itself.
Your reasoning is incorrect: a BYE is a new transaction and a stateful proxy
doesn't store dialog information (even if it stores dialgo info it doesn't
match it).
For a stateful proxy there is NO difference between a BYE for a established
call and a BYE sent 3 after weeks that call ended. If both SIP messages are
identical the proxy can't do NOTHING to allow the first one and reject the
second one (maybe very dirty SQL queries).
--
Iñaki Baz Castillo
ibc at in.ilimit.es
More information about the sr-users
mailing list