[asterisk-dev] SIP, NAT, security concerns, oh my!

Tilghman Lesher tilghman at meg.abyt.es
Sat Oct 22 14:49:56 CDT 2011


On Sat, Oct 22, 2011 at 10:50 AM, Ryan Wagoner <rswagoner at gmail.com> wrote:
> On Sat, Oct 22, 2011 at 11:02 AM, Tilghman Lesher <tilghman at meg.abyt.es> wrote:
>> Here's another option:  send responses to _both_ ports while the
>> client is still unauthenticated.  This would have the effect of an
>> attacker being unable to distinguish between a peer existing and not,
>> while still allowing peers to be configured either with rport enabled or
>> rport-oblivious.
>>
>> That still leaves peers without authentication to be a problem, but
>> those are typically authenticated by other means, such as
>> possession of a particular IP address, or restricted to a context
>> without outward dialing capabilities.
>
> Your option of sending responses to both ports sounds interesting.
> However, what happens if the client receives both responses? How much
> extra network traffic does this cause for a server with thousands of
> peers? Just like option 3, if you make this optional, it could be a good
> choice for some use cases.

It shouldn't actually be a problem; the second packet would be ignored,
because in UDP-based SIP, there's always a possibility that a packet is
lost (never received), so re-transmits are built into the protocol.  Thus, a
SIP UA should always be prepared to receive an identical (in terms of
payload) packet.

-Tilghman
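
The dual-send idea from this message, modeled as an added example (not part of the original post and not Asterisk code). All names are hypothetical; it assumes "both ports" means the packet's UDP source port and the port in the top Via header, and that a request matching no peer is answered on the Via port.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model of the idea in this thread; not chan_sip code. */
enum peer_state { PEER_UNKNOWN, PEER_RPORT, PEER_VIA_ONLY };
struct sip_request {
    uint16_t src_port;   /* UDP source port the request arrived from */
    uint16_t via_port;   /* port advertised in the top Via header */
    bool authenticated;
};

typedef size_t (*policy_fn)(const struct sip_request *, enum peer_state, uint16_t out[2]);

/* Per-peer policy: the destination follows the matched peer's setting.
 * Assumption: a request matching no peer is answered on the Via port. */
size_t ports_per_peer(const struct sip_request *r, enum peer_state p, uint16_t out[2])
{
    out[0] = (p == PEER_RPORT) ? r->src_port : r->via_port;
    return 1;
}

/* Dual-send policy: until authenticated, answer on both ports for everyone. */
size_t ports_dual(const struct sip_request *r, enum peer_state p, uint16_t out[2])
{
    if (r->authenticated) return ports_per_peer(r, p, out);
    out[0] = r->src_port;
    if (r->via_port == r->src_port) return 1;   /* same port: one packet */
    out[1] = r->via_port;
    return 2;
}

/* True when a sender cannot tell peer states a and b apart by where replies land. */
bool indistinguishable(policy_fn f, const struct sip_request *r, enum peer_state a, enum peer_state b)
{
    uint16_t pa[2] = {0, 0}, pb[2] = {0, 0};
    size_t na = f(r, a, pa), nb = f(r, b, pb);
    return na == nb && pa[0] == pb[0] && pa[1] == pb[1];
}

/* Constructed sample: NATed client whose source port differs from its Via port. */
const struct sip_request SAMPLE = { 40000, 5060, false };

int main(void)
{
    printf("per-peer hides peer: %d, dual-send hides peer: %d\n",
           indistinguishable(ports_per_peer, &SAMPLE, PEER_UNKNOWN, PEER_RPORT),
           indistinguishable(ports_dual, &SAMPLE, PEER_UNKNOWN, PEER_RPORT));
    return 0;
}
```

Once the request is authenticated, `ports_dual` falls back to the peer's own setting, so the extra packet is only paid during the unauthenticated exchange.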


