Victor Pascual Ávila wrote: > On Fri, Dec 19, 2008 at 3:22 PM, Bogdan-Andrei Iancu > <[email protected]> wrote: > >> Hi Iñaki, >> >> Have you consider requesting auth for the BYE ? from SIP point of view >> is perfectly valid.... >> > > I'm afraid this would only prevent external attackers but does not > protect you from your own customers-- guys who have the credentials > and wanna call for free >
I guess you are refering to attacks like sending to proxy BYEs with RURI or Route info pointing somewhere else than the GW and the proxy will record end of call, but the GW does not actually receive a BYE. Is this correct? Regads, Bogdan _______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
