[OpenSER-Users] How to avoid malicious BYE that update accounting "StopTime"?
Iñaki Baz Castillo
ibc at in.ilimit.es
Fri Feb 8 17:17:08 CET 2008
Hi, I use radius accounting with MySQL backend and MediaProxy (to make fix
accounting when there is no BYE).
Imagine this scenario:
- A calls B. This produces a "Start" acc action, so a SQL INSERT.
- After 1 minute A crashes (no BYE sent and RTP stop).
- After 20 secs with no RTP MediaProxy sends an "Update" action to radius
server. This generates a SQL UPDATE that sets the StopTime. So finally the
call duration is 80 secs (OK).
- But now imagine that user B sends a BYE after 2 hours using the same From&To
tags and Call-ID. This is terrible!!! OpenSer will notify a "Stop" action to
radius server which will do a new SQL UPDATE query setting the StopTime to
7201 secs !!!!
How to avoid it? how to avoid anyone sending a malicious BYE with From&To tags
and Call-ID from any other already ended call?
--
Iñaki Baz Castillo
ibc at in.ilimit.es
More information about the Users
mailing list