[SR-Users] SIP Security Architectural Question to Use RTP/Media Proxy or Not?
Alex Balashov
abalashov at evaristesys.com
Thu Jan 2 18:12:19 CET 2014
On 01/02/2014 11:00 AM, Jr Richardson wrote:

> or should I open up media port range to all PBXs and not worry
> about attacks.

You should open up the media port range to all PBXs and not worry about
attacks.

As Muhammad said, RTP ports are dynamic enough to preclude most MITM
attacks. Any decently implemented SIP UA should not accept media
packets from anywhere other than the indicated stream source.

Additionally, almost all (D)DoS attack patterns reliant on simple packet
flooding exploit TCP stacks, since TCP allocates resources (memory) and
state for TCP connections for a period of time. UDP is largely immune
to that, since it's such a dumb fire-and-forget mechanism with no
reliability abstraction layer.

This really isn't worth worrying about.

-- Alex
--
Alex Balashov - Principal
Evariste Systems LLC
235 E Ponce de Leon Ave
Suite 106
Decatur, GA 30030
United States
Tel: +1-678-954-0670
Web: http://www.evaristesys.com/, http://www.alexbalashov.com/
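
Added example, not part of the original post: one way a receiver could enforce the "indicated stream source" check mentioned above, taking the expected address and port from the peer's SDP and dropping everything else. The names `parse_remote_media`, `RtpSourceFilter` and `rtp_packet`, the sample SDP and the packets are constructed for illustration; it assumes no NAT between the endpoints, so the SDP address is the address packets actually arrive from.

```python
import struct
from collections import Counter

# Constructed SDP from the peer (RFC 5737 documentation addresses).
SAMPLE_SDP = ("v=0\r\no=- 1 1 IN IP4 192.0.2.10\r\ns=-\r\nc=IN IP4 192.0.2.10\r\n"
              "t=0 0\r\nm=audio 30000 RTP/AVP 0\r\na=rtpmap:0 PCMU/8000\r\n")

def parse_remote_media(sdp, media="audio"):
    """Return the (ip, port) the peer indicated for the first stream of this media type."""
    session_ip = media_ip = port = None
    current = None  # None while at session level, else the m= section being read
    for line in sdp.splitlines():
        if line.startswith("m="):
            fields = line[2:].split()
            current = fields[0] if port is None else ""  # ignore later sections
            if current == media:
                port = int(fields[1].split("/")[0])
        elif line.startswith("c="):
            addr = line[2:].split()[2].split("/")[0]  # drop multicast TTL suffix
            if current is None:
                session_ip = addr
            elif current == media:
                media_ip = addr  # media-level c= overrides session-level
    ip = media_ip or session_ip
    if port is None or ip is None:
        raise ValueError("SDP has no usable endpoint for " + media)
    return (ip, port)

class RtpSourceFilter:
    """Drop datagrams that do not come from the negotiated endpoint or are not RTP v2."""
    def __init__(self, expected):
        self.expected = expected
        self.rejected = Counter()  # per-source drop counts, useful for alerting

    def accept(self, data, src):
        ok = src == self.expected and len(data) >= 12 and data[0] >> 6 == 2
        if not ok:
            self.rejected[src] += 1
        return ok

def rtp_packet(seq, ssrc, payload=b"\xff" * 160):
    """Build a constructed RTP v2 packet (PT 0, 20 ms PCMU) for the demo."""
    return struct.pack("!BBHII", 0x80, 0, seq, seq * 160, ssrc) + payload

if __name__ == "__main__":
    flt = RtpSourceFilter(parse_remote_media(SAMPLE_SDP))
    print(flt.accept(rtp_packet(1, 0x1234), ("192.0.2.10", 30000)))    # negotiated peer
    print(flt.accept(rtp_packet(2, 0x1234), ("198.51.100.7", 30000)))  # off-path sender
    print(dict(flt.rejected))
```

The `rejected` counter gives a per-source view of dropped datagrams, which is the signal to watch if the media port range is left open.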