[OpenSIPS-Users] From Header field Domain/IP address use by remote system

Julien Chavanton jc at atlastelecom.com
Wed Feb 24 19:11:16 CET 2010


Hi, I have noticed that some SIP system are using the "From:" header field domain/IP to authenticate or do some routing operation instead of the sending IP address.
 
If they authenticate only on the "From:" header field, I guess they could be vulnarable to spoofing.
 
Anyhow, I am wandering if we should replace the From  header field IP address with the one of the SIP proxy even if this is not RFC recommended for a proxy ?
 
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.opensips.org/pipermail/users/attachments/20100224/bbf3d0fe/attachment.htm 


More information about the Users mailing list