< Previous by Date	Date Index	Next by Date >
	Thread Index	Next in Thread >

[reSIProcate] how to drop incoming packets at the socket (transport) layer

From: "Justin Matthews" <jmatthewsr@xxxxxxxxx>
Date: Thu, 5 Jan 2006 11:30:35 -0500

Hi,

In most cases our app is deployed with known endpoints.  In this scenario we
can make our app drop incoming packets from unknown endpoints.  If the
packets can be dropped at the network layer, they are never parsed and our
app is that much more secure against DoS and other attacks.  

It is pretty straightforward to modify the Transport/socket related code to
do this, but I am looking for a way in which the resip group would accept a
more general pre-screening solution at the socket layer.  One proposal would
be to add a screening class when calling SipStack::addTransport.  This class
would be able to screen incoming data directly from a socket based on the
transport.  The implementation of the screening is up to the user, in my
case I would check the incoming IP address and allow or disallow the
processing of the packet.

Any thoughts?

Thanks,

-Justin

Follow-Ups:
- Re: [reSIProcate] how to drop incoming packets at the socket (transport) layer
  - From: Alan Hawrylyshen

Prev by Date: [reSIProcate] is there any presence server using resip?
Next by Date: [reSIProcate] Support for wince under Visual C++ 8(VS 2005)
Previous by thread: RE: [reSIProcate] Parsing a custom header
Next by thread: Re: [reSIProcate] how to drop incoming packets at the socket (transport) layer
Index(es):
- Date
- Thread