[asterisk-dev] Re: [Asterisk-Security] Day early and a dollar
short? (IAX2 and SIP problems)
Kevin P. Fleming
kpfleming at digium.com
Tue Jul 18 13:51:19 MST 2006
----- John Todd <jtodd at loligo.com> wrote:
> - For each user/peer, there could exist a user-specifiable (in
> sip.conf) counter that allows a certain number of pending un-finished
> INVITE (or any other authentication-based transaction?) exchanges.
This is what we just did in chan_iax2 to address this vulnerability.
--
Kevin P. Fleming
Senior Software Engineer
Digium, Inc.
More information about the asterisk-dev
mailing list