[OpenSER-Users] How to avoid malicious BYE that update accounting "StopTime"?

Iñaki Baz Castillo ibc at in.ilimit.es
Fri Feb 8 17:49:14 CET 2008


On Friday 08 February 2008 17:24:45 Dan-Cristian Bogos wrote:
> Hi Iñaki,
>
> I would blame the UA sending the false BYE. Usually the BYE packets must be
> authenticated, therefore coming from a trusted source.

Do you suggest asking for digest auth for BYEs? What about if I call an 
external user?

Using inter-peer relationships (TLS, trusted IPs) is not a solution. 
Imagine 2 providers (P1 and P2) and 2 users (A user of P1 and B user of P2):

- A calls PSTN 1234.

- P1 does an ENUM query that resolves to B at P2.

- The INVITE arrives at P2, which forwards it to B's location.

- Call ends.

- After 2 weeks B sends a malicious BYE which will arrive at P1 and UPDATE 
accounting!!!!





-- 
Iñaki Baz Castillo
ibc at in.ilimit.es
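
The scenario in the message above, as an added example (not part of the original post and not OpenSER's own accounting code): a BYE handler that overwrites the stop time for any matching Call-ID, next to one that closes a record only while its stop time is still unset. The `acc` table layout, function names, Call-ID, tags and timestamps are all constructed for illustration.

```python
import sqlite3

# Hypothetical accounting table; this is NOT OpenSER's acc schema.
SCHEMA = """CREATE TABLE acc (
    call_id TEXT, from_tag TEXT, to_tag TEXT,
    start_time INTEGER, stop_time INTEGER)"""

def naive_bye(db, call_id, now):
    # Any BYE carrying a known Call-ID overwrites the stop time.
    cur = db.execute("UPDATE acc SET stop_time = ? WHERE call_id = ?",
                     (now, call_id))
    return cur.rowcount

def guarded_bye(db, call_id, from_tag, to_tag, now):
    # Tags must match the dialog in either direction. The remote party knows
    # both tags, so the check that stops a late BYE is "stop_time IS NULL":
    # a record that is already closed is never reopened or extended.
    cur = db.execute(
        """UPDATE acc SET stop_time = ?
           WHERE call_id = ? AND stop_time IS NULL
             AND ((from_tag = ? AND to_tag = ?)
               OR (from_tag = ? AND to_tag = ?))""",
        (now, call_id, from_tag, to_tag, to_tag, from_tag))
    return cur.rowcount

def billed_seconds(handler):
    """Replay the scenario: a real BYE after 60 s, a second BYE 2 weeks later."""
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    # Constructed call record: A (tagA) called B (tagB) at t=1000.
    db.execute("INSERT INTO acc VALUES ('c1@p1', 'tagA', 'tagB', 1000, NULL)")
    late = 1060 + 14 * 24 * 3600
    if handler == "naive":
        naive_bye(db, "c1@p1", 1060)
        naive_bye(db, "c1@p1", late)
    else:
        guarded_bye(db, "c1@p1", "tagA", "tagB", 1060)  # BYE from A
        guarded_bye(db, "c1@p1", "tagB", "tagA", late)  # late BYE from B
    start, stop = db.execute(
        "SELECT start_time, stop_time FROM acc").fetchone()
    return stop - start

if __name__ == "__main__":
    print("naive:", billed_seconds("naive"))
    print("guarded:", billed_seconds("guarded"))
```

A zero row count from `guarded_bye` is also a useful signal to log, since it marks a BYE that arrived for a dialog already closed in accounting.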



