On Tuesday, 24 February 2009, Maxim Sobolev wrote:
> Yes, I know some proxies can generate accounting, but there are too many
> loopholes in SIP to abuse accounting generated by the proxy. All that
> accounting functionality relies on the fact that endpoints behave
> strictly to the RFC and it's really easy for anybody with at least
> moderate RFC3261 knowledge to bypass. So that ITSP which uses SIP Proxy
> for this purpose in the situation described above puts himself open for
> intentional or unintentional abuse.

You are completely right. I remember a long thread not so long ago on a proxy mailing list about this subject. The conclusion was clear: a proxy CANNOT be used for accurate and *secure* accounting.

For example, a hacker (client) could send a spoofed BYE with reverse dialog data (and Route pointing to himself), so the proxy would account the BYE as coming from the other endpoint (PSTN gateway) while the request is sent back to the attacker (which will reply 200 very happily). And the RTP remains and the proxy can't be aware of it...

In order to avoid such a hack, the proxy should perform very complex checking in the BYE (checking the RURI, the Route headers...), but a proxy is supposed to "bypass" in-dialog requests without so much checking.

I think it's very clear that a pure SIP proxy network doesn't offer an accounting solution. But with a B2BUA it's easier. For example, the B2BUA could behave in a transparent way and could implement SessionTimers in both legs, so it could control the call duration and status without handling the media. Also, a spoofed BYE wouldn't succeed in a B2BUA since one leg has no dialog info about the other leg.

Best regards.

--
Iñaki Baz Castillo

_______________________________________________
Sip-implementors mailing list
[email protected]
https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
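
The following sketch is an added example, not part of the original message or of any proxy's code: it shows the kind of consistency check on a BYE that the reply describes (tags, source, RURI, Route) before accounting trusts it. It assumes the accounting element keeps per-dialog state and sees stable source addresses; `Party`, `Bye`, `check_bye` and all sample values are hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Party:
    tag: str      # tag this party puts in From on its own requests
    source: str   # ip:port its signalling arrives from (assumes no NAT rebinding)
    contact: str  # Contact URI learned from the INVITE / 200 OK

@dataclass(frozen=True)
class Bye:
    call_id: str
    from_tag: str
    to_tag: str
    source: str    # ip:port the request was actually received from
    ruri: str
    next_hop: str  # ip:port the proxy would forward to (top Route, else RURI)

def check_bye(call_id, caller, callee, bye):
    """Return reasons not to account this BYE; an empty list means consistent."""
    if bye.call_id != call_id:
        return ["unknown dialog"]
    roles = {caller.tag: (caller, callee), callee.tag: (callee, caller)}
    if bye.from_tag not in roles:
        return ["From tag not part of dialog"]
    claimed, peer = roles[bye.from_tag]  # who the BYE claims to be, and the other side
    problems = []
    if bye.to_tag != peer.tag:
        problems.append("To tag does not match peer")
    if bye.source != claimed.source:
        problems.append("source does not match claimed sender")
    if bye.ruri != peer.contact:
        problems.append("Request-URI is not the peer's Contact")
    if bye.next_hop == bye.source:
        problems.append("request would be routed back to its sender")
    return problems

# Constructed sample data (documentation address ranges, made-up tags).
CALLER = Party("c1", "192.0.2.10:5060", "sip:alice@192.0.2.10:5060")
GATEWAY = Party("g1", "198.51.100.5:5060", "sip:gw@198.51.100.5:5060")
GOOD = Bye("abc@example", "c1", "g1", "192.0.2.10:5060",
           "sip:gw@198.51.100.5:5060", "198.51.100.5:5060")
# Dialog data reversed: claims to come from the gateway but arrives from the client.
REVERSED = Bye("abc@example", "g1", "c1", "192.0.2.10:5060",
               "sip:alice@192.0.2.10:5060", "192.0.2.10:5060")

if __name__ == "__main__":
    for name, bye in (("good", GOOD), ("reversed", REVERSED)):
        print(name, check_bye("abc@example", CALLER, GATEWAY, bye))
```

A BYE that fails any check should be logged and kept out of the call detail record rather than used to stop billing.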
