Hi Iñaki,

Have you considered requesting auth for the BYE? From a SIP point of view it is perfectly valid....

Regards,
Bogdan

Iñaki Baz Castillo wrote:
> Hi, I'm thinking of the following flow in which the caller/attacker
> would get an unlimited call (but a limited CDR duration):
>
> --------------------------------------------------------------------------
> attacker                 OpenSIPS (Acc)                  gateway
>
> INVITE (CSeq 12) ------>
> <-------- 407 Proxy Auth
>
> INVITE (CSeq 13) ------>
>                                 INVITE (CSeq 13) ------>
>                                 <------------------- 200 Ok
> <------------------- 200 Ok
>                         << Acc START >>
> ACK (CSeq 13) ----------->
>                                 ACK (CSeq 13) ----------->
>
> <******************* RTP ************************>
>
> # Fraudulent BYE !!!
> BYE (CSeq 10) ----------->
>                         << Acc STOP >>
>                                 BYE (CSeq 10) ----------->
>                                 <-- 500 Req Out of Order
> <-- 500 Req Out of Order
> --------------------------------------------------------------------------
>
> The call hasn't finished, but OpenSIPS has ended the accounting for
> this call since it received a BYE. And this BYE will generate a
> correct ACC Stop action (since it matches From_tag, To_tag and
> Call-ID).
>
> I think this is *VERY* dangerous and I hope I'm wrong.
>
> Would the dialog module help here? Does the dialog module check the
> CSeq of the BYE in some way, and could it prevent OpenSIPS from
> generating the ACC STOP action? (I don't think so).
>
> Any idea?
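
The CSeq check asked about in the quoted message, sketched as an added example (not code from this thread and not OpenSIPS code): a model of an accounting decision that refuses to close the CDR on a BYE whose CSeq is not higher than the last one accepted from the caller. The class, method names and sample dialog identifiers are hypothetical, and requiring a strictly greater CSeq is this example's assumption.

```python
from dataclasses import dataclass


@dataclass
class Dialog:
    last_cseq: int          # highest CSeq accepted from the caller side
    acc_open: bool = True   # accounting started and not yet stopped


class AccountingGate:
    """Hypothetical model of a proxy's accounting decision (caller side only)."""

    def __init__(self):
        self.dialogs = {}   # (call_id, from_tag, to_tag) -> Dialog

    def on_invite_200(self, call_id, from_tag, to_tag, cseq):
        # 200 OK for the INVITE: the dialog exists and accounting starts.
        self.dialogs[(call_id, from_tag, to_tag)] = Dialog(last_cseq=cseq)
        return "ACC_START"

    def on_bye(self, call_id, from_tag, to_tag, cseq):
        dlg = self.dialogs.get((call_id, from_tag, to_tag))
        if dlg is None or not dlg.acc_open:
            return "NO_DIALOG"
        # Matching Call-ID, From tag and To tag is not enough: the gateway
        # answers an out-of-order BYE with 500 and the call keeps running.
        if cseq <= dlg.last_cseq:
            return "REJECT_OUT_OF_ORDER"    # CDR stays open
        dlg.last_cseq = cseq
        dlg.acc_open = False
        return "ACC_STOP"


def replay_page_flow():
    """Replay the flow from the message with constructed dialog identifiers."""
    gate = AccountingGate()
    key = ("call-1@example.invalid", "ftag-a", "ttag-b")   # constructed values
    return [
        gate.on_invite_200(*key, cseq=13),  # authenticated INVITE answered
        gate.on_bye(*key, cseq=10),         # the BYE with the stale CSeq
        gate.on_bye(*key, cseq=14),         # a BYE the gateway would accept
        gate.on_bye(*key, cseq=15),         # dialog already accounted for
    ]


if __name__ == "__main__":
    print(replay_page_flow())
```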
