[asterisk-dev] the strictrtp feature is almost useless

Benny Amorsen benny+usenet at amorsen.dk
Thu Oct 14 06:54:06 CDT 2010


Kristijan Vrban <vrban.lkml at googlemail.com> writes:

> has anyone ever thought about it? this issue can also be used by an
> attacker. the attacker just need to send an RTP flooding to the RTP
> range asterisk use, to block the whole pbx. I have tried this. It's a
> simple and working attack.

This issue sounds like a fairly generic SIP/RTP problem. What do other
SIP implementations do?


/Benny




More information about the asterisk-dev mailing list