[OpenSIPS-Users] Accounting: How to avoid a fraudulent BYE with lower CSeq?

Dan Pascu dan at ag-projects.com
Wed Jan 7 12:50:49 CET 2009


On Wednesday 07 January 2009, Iñaki Baz Castillo wrote:
> 2009/1/7 Dan Pascu <dan at ag-projects.com>:
> > But then I can send one with the proper ruri, but a different route
> > set that puts me in the front of the gateway, so when I receive the
> > BYE, instead of forwarding it to the gateway as the route set
> > requests, I reply myself with a 200 OK making it look like it came
> > from the gateway.
>
> This could be avoiding by examinating the $dd value. If it's set it
> means that a Route header exists, so we could reject the BYE. But this
> would break a complex scenario with varios sequential proxies doing
> loose-routing.

You can't. I can build a reply that looks genuine. All I have to do is 
place myself between the proxy and the gateway in the route set and if 
the proxy doesn't disallow the modified route set it can't tell who gave 
the 200 OK to the BYE.

> > In the end it means, the proxy will have to verify everything (dialog
> > identification elements, cseq, ruri, route set) to avoid fraud and
> > also wait for a 200 OK, which makes it look more like a b2bua after
> > all
>
> So the conclusion is: a secure CDR system can be only achieved in a
> B2BUA between the proxy and the gateway. Is it?

Not necessarily. See my other email about proxy generated BYEs or using 
mediaproxy to break the media path.

-- 
Dan



More information about the Users mailing list