[OpenSIPS-Users] Accounting: How to avoid a fraudulent BYE with lower CSeq?

Iñaki Baz Castillo ibc at aliax.net
Wed Jan 7 13:09:37 CET 2009


2009/1/7 Dan Pascu <dan at ag-projects.com>:
> On Wednesday 07 January 2009, Iñaki Baz Castillo wrote:
>> 2009/1/7 Dan Pascu <dan at ag-projects.com>:
>> > But then I can send one with the proper ruri, but a different route
>> > set that puts me in the front of the gateway, so when I receive the
>> > BYE, instead of forwarding it to the gateway as the route set
>> > requests, I reply myself with a 200 OK making it look like it came
>> > from the gateway.
>>
>> This could be avoiding by examinating the $dd value. If it's set it
>> means that a Route header exists, so we could reject the BYE. But this
>> would break a complex scenario with varios sequential proxies doing
>> loose-routing.
>
> You can't. I can build a reply that looks genuine. All I have to do is
> place myself between the proxy and the gateway in the route set and if
> the proxy doesn't disallow the modified route set it can't tell who gave
> the 200 OK to the BYE.

But I mean that the proxy would reject the BYE if it contains a route
set after the proxy does loose-routing, so the only valid destination
is the RURI (and the proxy can check if the RURI is the gateway).


>> So the conclusion is: a secure CDR system can be only achieved in a
>> B2BUA between the proxy and the gateway. Is it?
>
> Not necessarily. See my other email about proxy generated BYEs or using
> mediaproxy to break the media path.

Sure, but it involves handling the media.


-- 
Iñaki Baz Castillo
<ibc at aliax.net>


More information about the Users mailing list