[OpenSIPS-Users] From Header field Domain/IP address use by remote system
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Fri Feb 26 16:57:24 CET 2010
Hi Julien,
doing IP based auth by the FROM domain is really insecure - only the IP
at network level may be trusted.
But if you want to change the FROM URI to reflect some IP address, use
uac_replace_from() from UAC module - it will do it in RFC complaint way.
Regards,
Bogdan
Julien Chavanton wrote:
> Hi, I have noticed that some SIP system are using the "From:" header
> field domain/IP to authenticate or do some routing operation instead
> of the sending IP address.
>
> If they authenticate only on the "From:" header field, I guess they
> could be vulnarable to spoofing.
>
> Anyhow, I am wandering if we should replace the From header field IP
> address with the one of the SIP proxy even if this is not RFC
> recommended for a proxy ?
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
--
Bogdan-Andrei Iancu
www.voice-system.ro
More information about the Users
mailing list