[OpenSIPS-Users] Accounting: How to avoid a fraudulent BYE with lower CSeq?
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Fri Dec 19 15:22:18 CET 2008
Hi Iñaki,

Have you considered requesting auth for the BYE? From the SIP point of view
it is perfectly valid...

Regards,
Bogdan

Iñaki Baz Castillo wrote:
> Hi, I'm thinking of the following flow in which the caller/attacker
> would get an unlimited call (but a limited CDR duration):
>
> --------------------------------------------------------------------------
> attacker                      OpenSIPS (Acc)                  gateway
>
> INVITE (CSeq 12) ------>
> <-------- 407 Proxy Auth
>
> INVITE (CSeq 13) ------>
>                               INVITE (CSeq 13) ------>
>                               <------------------- 200 Ok
> <------------------- 200 Ok
>                               << Acc START >>
> ACK (CSeq 13) ----------->
>                               ACK (CSeq 13) ----------->
>
> <******************* RTP ************************>
>
> # Fraudulent BYE !!!
> BYE (CSeq 10) ----------->
>                               << Acc STOP >>
>                               BYE (CSeq 10) ----------->
>                               <-- 500 Req Out of Order
> <-- 500 Req Out of Order
> --------------------------------------------------------------------------
>
> The call hasn't finished, but OpenSIPS has ended the accounting for
> this call since it received a BYE. And this BYE will generate a
> correct ACC Stop action (since it matches From_tag, To_tag and
> Call-ID).
>
> I think this is *VERY* dangerous and I hope I'm wrong.
>
> Would the dialog module help here? Does the dialog module check the
> CSeq of the BYE in some way and could it prevent OpenSIPS from
> generating the ACC STOP action? (I don't think so).
>
> Any idea?
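
Added example, not part of the original thread and not OpenSIPS code: a small model of a proxy that keeps the caller's last accepted CSeq per dialog and only stops accounting on a BYE that passes that check, replayed against the flow in the quoted message. The class and method names are hypothetical, the Call-ID and tags are constructed, and retransmissions are assumed to be absorbed by the transaction layer before this check runs.

```python
# Added example (not OpenSIPS code): gate the accounting STOP on a per-dialog
# CSeq check. Class and method names are hypothetical; values are constructed.
from dataclasses import dataclass


@dataclass
class Dialog:
    caller_cseq: int          # highest CSeq accepted from the caller so far
    acc_running: bool = True  # True between Acc START and Acc STOP


class AccountingGuard:
    def __init__(self):
        self.dialogs = {}     # (Call-ID, From-tag, To-tag) -> Dialog
        self.cdr_events = []  # ("START" | "STOP", Call-ID), in order

    def on_invite_answered(self, call_id, from_tag, to_tag, cseq):
        """200 OK to the INVITE seen: create dialog state, start accounting."""
        self.dialogs[(call_id, from_tag, to_tag)] = Dialog(caller_cseq=cseq)
        self.cdr_events.append(("START", call_id))

    def on_caller_request(self, method, call_id, from_tag, to_tag, cseq):
        """Return "relay" or the status code the proxy answers with itself."""
        dlg = self.dialogs.get((call_id, from_tag, to_tag))
        if dlg is None:
            return "481"      # no such dialog
        if method == "ACK":
            return "relay"    # ACK reuses the CSeq number of its INVITE
        # RFC 3261 requires strictly increasing CSeq numbers per direction
        # inside a dialog, so a new request at or below the last accepted
        # number is answered here and never reaches the accounting code.
        if cseq <= dlg.caller_cseq:
            return "500"
        dlg.caller_cseq = cseq
        if method == "BYE" and dlg.acc_running:
            dlg.acc_running = False
            self.cdr_events.append(("STOP", call_id))
        return "relay"


def replay_flow_from_post():
    """Replay the flow in the quoted message, then a well-formed BYE."""
    guard = AccountingGuard()
    dlg_id = ("call-1@example.invalid", "from-tag-a", "to-tag-b")  # constructed
    guard.on_invite_answered(*dlg_id, cseq=13)
    results = [guard.on_caller_request("ACK", *dlg_id, cseq=13),
               guard.on_caller_request("BYE", *dlg_id, cseq=10),
               guard.on_caller_request("BYE", *dlg_id, cseq=14)]
    return results, guard.cdr_events
```

In this model the BYE with CSeq 10 is answered with 500 at the proxy and the CDR stays open; only the BYE with CSeq 14 produces the STOP event.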