Hello all. First of all, sorry for my poor English. I have been working in VoIP for a short time, and I would like to clarify, with your help, a doubt I have about the issue in the subject.
Let's take a very common scenario, where a SIP client A (let's say a phone) interacts with a SIP server B (let's say an IP PBX). To keep things simple, the interactions are registrations (REGISTER) and calls (INVITE and ACK). The administrator configured A with credentials that have been registered on B, so REGISTERs and INVITEs incoming to B are authenticated.

Now a malicious user appears in this network; let's call it C. Of course it will not be able to send any malicious request to B, since B will ask for credentials (that C does not know) and subsequently drop the unauthorized requests.

What about A? What if C sends an unsolicited call to A? At this point A has a "registration" up with B, so they are exchanging some information. Is A able to recognize that the call C is sending it is "not related" to its "registration session" with B? (Of course, without dealing with network addresses.)

For example, A and B are exchanging some random tags. Are they carried (by protocol, and not as a proprietary extension) in the subsequent dialogs initiated by B towards A, so that A can recognize them? If that is the case, can you point me to the exact point of the RFC that states it?

Thanks a lot for your help.

Kind regards,
S.

_______________________________________________
Sip-implementors mailing list
[email protected]
https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
