
<html>

  <head>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">

  </head>

  <body bgcolor="#FFFFFF" text="#000000">

    <tt>Hi Carlos,<br>

      <br>

      See inline<br>

    </tt>

    <pre class="moz-signature" cols="72">Bogdan-Andrei Iancu


OpenSIPS Founder and Developer

  <a class="moz-txt-link-freetext" href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a>

OpenSIPS Summit 2018

  <a class="moz-txt-link-freetext" href="http://www.opensips.org/events/Summit-2018Amsterdam">http://www.opensips.org/events/Summit-2018Amsterdam</a>

</pre>

    <div class="moz-cite-prefix">On 03/12/2018 12:58 PM, Carlos Oliva

      wrote:<br>

    </div>

    <blockquote type="cite"

cite="mid:CAPsm+21GYKe8pcBQkVXh1WcUYm-GDujPPdoVPns39dZqMb_ZRw@mail.gmail.com">

      <div dir="ltr">

        <div>

          <div>

            <div>

              <div>

                <div>Hi List:<br>

                  <br>

                </div>

                I have some questions about mediaproxy 2 ad rtpbleed

                vulnerability <a href="https://www.rtpbleed.com/"

                  moz-do-not-send="true">https://www.rtpbleed.com/</a><br>

                <br>

              </div>

              Is MediaProxy 2  vulnerable to this attack?<br>

            </div>

          </div>

        </div>

      </div>

    </blockquote>

    Not 100% sure, but given the way mediaproxy worsk, I would say yes.<br>

    <blockquote type="cite"

cite="mid:CAPsm+21GYKe8pcBQkVXh1WcUYm-GDujPPdoVPns39dZqMb_ZRw@mail.gmail.com">

      <div dir="ltr">

        <div>

          <div>

            <div><br>

              If so, the media can be hijacked only at very begining or<span

                lang="en"> throughout the entire call</span>? <br>

            </div>

          </div>

        </div>

      </div>

    </blockquote>

    only at the beginning when the other end of the media leg is learned

    based on the incoming traffic.<br>

    <blockquote type="cite"

cite="mid:CAPsm+21GYKe8pcBQkVXh1WcUYm-GDujPPdoVPns39dZqMb_ZRw@mail.gmail.com">

      <div dir="ltr">

        <div>

          <div>

            <div><br>

              If an attacker hijacks the media the other party will stop

              hears the call or the RTP will be send to both ends?<br>

            </div>

          </div>

        </div>

      </div>

    </blockquote>

    IF the hijack is done, the regular user will not send  / receive any

    more RTP traffic as  the media server will talk only to the hijacker

    .<br>

    <blockquote type="cite"

cite="mid:CAPsm+21GYKe8pcBQkVXh1WcUYm-GDujPPdoVPns39dZqMb_ZRw@mail.gmail.com">

      <div dir="ltr">

        <div>

          <div>

            <div><br>

            </div>

            <div><br>

            </div>

            Thanks for your help!<br>

            <br>

          </div>

          thanks and Regards,<br>

          <br>

        </div>

        Carlos Oliva<b><br clear="all">

        </b>

      </div>

      <br>

      <fieldset class="mimeAttachmentHeader"></fieldset>

      <br>

      <pre wrap="">_______________________________________________

Users mailing list

<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>

<a class="moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>

</pre>

    </blockquote>

    <br>

  </body>

</html>