[asterisk-dev] Strange SIP packet

Grey Man greymanvoip at gmail.com
Sun May 4 03:45:59 CDT 2008

In my opinion whatever agent the "ARRIS-TM501B release v.05.02.0X
SN/0015A362C83A" is it's not behaving very well. Feasibly it could
decide to send multiple Authorization headers on its initial REGISTER
for whatever reason but once Asterisk responds with the 401 and a
specific nonce and realm to authenticate against it should send a
single Authorization header using those pieces of information.

I don't think multiple Authorization headers with the same realm is a
good policy either. I suspect Asterisk and most SIP Regsitrars would
only attempt to use the first one encountered. What reason would a
user agent have to send multiple Authorizations to the same end
server? It would make brute force password attacks quicker but apart
from that I can't think of a good reason.



More information about the asterisk-dev mailing list