Hadriel Kaplan wrote: > Actually, it will cause problems for the device sending STUN, because that > next-hop proxy will (rightly) consider it a malformed attack and blacklist > the sender.
It's not reasonable for a proxy to blacklist source IPs sending it stuff it doesn't like. If you receive a UDP packet, it's a really rare case that you can know that the source IP wasn't spoofed. If you blacklist based on source IP addresses, it will be very easy to denial of service your proxy by getting it to blacklist real clients or other SIP proxies for example. That will be a much bigger problem for you than actually writing code that don't die when it receives unknown data (which you should do anyway, of course). /Fredrik _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
