[Kamailio-Users] Accounting: How to avoid a fraudulent BYE with lower CSeq?

Juha Heinanen jh at tutpro.com
Sat Dec 20 16:19:00 CET 2008


Daniel-Constantin Mierla writes:

 > I believe in this cases an important aspect is to be sure you can 
 > identify the attacker. It is hard to prevent all people can think of, 
 > but when detecting one case, being able to get the guilty is very 
 > important. Also, at that time, you can add the logic to prevent further 
 > exposure to same attack.

this sounds like the ever lasting story of fixing security holes in
internet explorer.  i don't think it is a vice path to take.  

better to proxy all media if accounting cannot be done in the
gateways. and then we have reinvented pstn ...

-- juha




More information about the Users mailing list