> -----Original Message-----
> From: [email protected] [mailto:[email protected]] On Behalf Of
> Raphael Coeffic
> Sent: Thursday, March 05, 2009 4:48 AM
>
> The second difference is that it works
> right now with any publicly reachable SIP provider.

I think I know what you mean by this statement, but maybe I don't. I think you mean it "works" right now only on a publicly reachable SIP provider that accepts INVITE requests from non-Registered Contacts. No? Or do you mean you've done testing of all publicly reachable SIP providers and found this to be an issue for all of them, right now?

Since the REGISTERs are almost always challenged, this attack is not an issue for providers which reject INVITEs from non-Registered Contacts. Since SBC's have offered that restriction policy for at least the past 5 years, and presumably outbound-proxies do too (because it's a very popular policy), then you're really only talking about a theoretical subset of publicly reachable SIP Providers right now.

And this is not to say the attack isn't interesting, or that publicly reachable SIP providers actually *use* such security policies. I've been surprised before about how some of them don't actually employ the security mechanisms they have at their disposal. But not using available mechanisms is very different from not having a way to do them.

-hadriel

_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use [email protected] for questions on current sip
Use [email protected] for new developments on the application of sip
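
The restriction policy discussed in the reply above (reject INVITEs whose source is not a registered contact), sketched as an added example that is not part of the original message or of any SBC product. The class and function names, the keying of bindings by the source IP and port of an authenticated REGISTER, and the sample message and addresses are assumptions constructed for illustration.

```python
import re

REQUEST_LINE = re.compile(r"^([A-Z]+) \S+ SIP/2\.0$")

class BindingTable:
    """Bindings learned only from REGISTERs that passed digest authentication."""

    def __init__(self):
        self._by_source = {}  # (ip, port) -> (address-of-record, absolute expiry)

    def add(self, aor, ip, port, expires, now):
        self._by_source[(ip, port)] = (aor, now + expires)

    def lookup(self, ip, port, now):
        entry = self._by_source.get((ip, port))
        if entry is None or entry[1] <= now:
            return None  # never registered, or the binding has expired
        return entry[0]

def screen_request(raw, src_ip, src_port, table, now):
    """Return (status, reason); status 0 means hand over to normal processing."""
    first_line = raw.split("\r\n", 1)[0]
    match = REQUEST_LINE.match(first_line)
    if not match:
        return 400, "Bad Request"
    method = match.group(1)
    if method == "REGISTER":
        # Not screened here: the registrar challenges it with digest auth.
        return 0, "forward to registrar"
    if method == "INVITE":
        aor = table.lookup(src_ip, src_port, now)
        if aor is None:
            return 403, "Forbidden: source is not a registered contact"
        return 0, "INVITE from registered contact of " + aor
    return 0, "method not covered by this policy"

# Constructed sample request (documentation addresses, not captured traffic).
SAMPLE_INVITE = (
    "INVITE sip:bob@example.com SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bKconstructed\r\n"
    "From: <sip:alice@example.com>;tag=1\r\n"
    "To: <sip:bob@example.com>\r\n"
    "Call-ID: constructed-1@192.0.2.10\r\n"
    "CSeq: 1 INVITE\r\n"
    "Content-Length: 0\r\n\r\n"
)
```

Because the binding table is filled only by challenged REGISTERs, an INVITE arriving from an address that never authenticated, or whose registration has lapsed, gets a 403 before any call processing happens.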
