[OpenSER-Users] How to avoid malicious BYE that update accounting "StopTime"?
    Iñaki Baz Castillo 
    ibc at in.ilimit.es
       
    Fri Feb  8 17:17:08 CET 2008
    
    
  
Hi, I use RADIUS accounting with a MySQL backend and MediaProxy (to fix 
accounting when there is no BYE).
Imagine this scenario:
- A calls B. This produces a "Start" acc action, so a SQL INSERT.
- After 1 minute A crashes (no BYE sent and RTP stops).
- After 20 secs with no RTP, MediaProxy sends an "Update" action to the RADIUS 
server. This generates a SQL UPDATE that sets the StopTime. So finally the 
call duration is 80 secs (OK).
- But now imagine that user B sends a BYE after 2 hours using the same From&To 
tags and Call-ID. This is terrible!!! OpenSER will notify a "Stop" action to the 
RADIUS server, which will do a new SQL UPDATE query setting the StopTime to 
7201 secs!!!!
How to avoid it? How to avoid anyone sending a malicious BYE with the From&To tags 
and Call-ID from any other already ended call?
-- 
Iñaki Baz Castillo
ibc at in.ilimit.es
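
The scenario in the message above, replayed as an added example that is not part of the original post and is not OpenSER, MediaProxy or RADIUS code. It compares an unconditional StopTime UPDATE with one that only closes a dialog whose stop time is still unset; the `acct` table, its column names and the dialog identifiers are constructed assumptions, and the guard is one possible approach.

```python
import sqlite3

# Constructed, simplified accounting table (an assumption, not the real schema).
SCHEMA = """CREATE TABLE acct (
    call_id TEXT, from_tag TEXT, to_tag TEXT,
    start_time INTEGER NOT NULL, stop_time INTEGER,
    PRIMARY KEY (call_id, from_tag, to_tag))"""

# Naive: any Update/Stop for a matching dialog overwrites stop_time.
NAIVE_STOP = """UPDATE acct SET stop_time = :t
    WHERE call_id = :c AND from_tag = :f AND to_tag = :g"""
# Guarded: only the first close of a dialog is recorded.
GUARDED_STOP = NAIVE_STOP + " AND stop_time IS NULL"


def replay(events, stop_sql):
    """Apply (action, time, dialog) events; return (duration, ignored closes)."""
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    ignored = []
    for action, t, (c, f, g) in events:
        args = {"t": t, "c": c, "f": f, "g": g}
        if action == "Start":
            db.execute("INSERT INTO acct VALUES (:c, :f, :g, :t, NULL)", args)
        # "Update" (MediaProxy RTP timeout) or "Stop" (BYE seen by the proxy)
        elif db.execute(stop_sql, args).rowcount == 0:
            ignored.append((action, t))  # no open dialog matched: log it
    start, stop = db.execute(
        "SELECT start_time, stop_time FROM acct").fetchone()
    return stop - start, ignored


# Constructed timeline from the post: Start at 0 s, MediaProxy Update at 80 s,
# late BYE ("Stop") reusing the same Call-ID and tags at 7201 s.
DIALOG = ("constructed-call-id", "tagA", "tagB")
EVENTS = [("Start", 0, DIALOG), ("Update", 80, DIALOG), ("Stop", 7201, DIALOG)]

if __name__ == "__main__":
    print("naive  :", replay(EVENTS, NAIVE_STOP))
    print("guarded:", replay(EVENTS, GUARDED_STOP))
```

A close that matches no open dialog is returned in the second element, which is the event an operator would want logged for review.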
    
    