I think the problem is mainly in detecting the bogus BYEs, rather than what to do about.
Indeed, the dialog module can provide a lot of information that helps with the detection. And not only in the trivial case of Cseq number, but also monitoring if the direction where the BYE is received & sent matches with the one stored in dialog (at invite time). Regards, Bogdan Victor Pascual Ávila wrote: > On Wed, Jan 7, 2009 at 11:58 AM, Adrian Georgescu <[email protected]> > wrote: > >> The dialog module could eventually be used to detect out of sync Cseq and >> take decision to terminate the call. Is this feasible? >> > > Correct me if I'm wrong, but in that case it'd be easier to > reject/drop the BYE request. > > -Victor > > >> Adrian >> On Dec 19, 2008, at 3:59 PM, Victor Pascual Ávila wrote: >> >> On Fri, Dec 19, 2008 at 3:22 PM, Bogdan-Andrei Iancu >> <[email protected]> wrote: >> >> Hi Iñaki, >> >> Have you consider requesting auth for the BYE ? from SIP point of view >> >> is perfectly valid.... >> >> I'm afraid this would only prevent external attackers but does not >> protect you from your own customers-- guys who have the credentials >> and wanna call for free. >> >> Cheers, >> -- >> Victor Pascual Ávila >> _______________________________________________ >> Users mailing list >> [email protected] >> http://lists.opensips.org/cgi-bin/mailman/listinfo/users >> >> >> > > > > _______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
