< Previous by Date	Date Index	Next by Date >
< Previous in Thread	Thread Index	Next in Thread >

RE: [reSIProcate] how to drop incoming packets at the socket (transport) layer

From: "Justin Matthews" <jmatthewsr@xxxxxxxxx>
Date: Mon, 9 Jan 2006 09:33:47 -0500

Hi Jason,

This solution still requires parsing a SIP message, which makes it
vulnerable to attacks on the parser.  

I believe that software applications should have some awareness of system
level security, should not assume that someone else will solve this problem
completely and provide whatever reasonable means to help facilitate an
overall solution to security.  Exposing an incoming packet's source
information, I believe, is a reasonable means of adding to an applications
overall security solution.

Thanks,

-Justin

-----Original Message-----
From: jason.fischl@xxxxxxxxx [mailto:jason.fischl@xxxxxxxxx] On Behalf Of
Jason Fischl
Sent: Saturday, January 07, 2006 12:01 PM
To: Justin Matthews
Cc: Alan Hawrylyshen; resiprocate-devel@xxxxxxxxxxxxxxxxxxx
Subject: Re: [reSIProcate] how to drop incoming packets at the socket
(transport) layer

>
> 1) This is directly related to security, which will be an increasingly
> important issue in the SIP space.

I think the IETF approach to this problem is to use the sip-identity
mechanism specified in
http://www.softarmor.com/wgdb/docs/draft-ietf-sip-identity-05.txt.

References:
- Re: [reSIProcate] how to drop incoming packets at the socket (transport) layer
  - From: Jason Fischl

Prev by Date: Re: [reSIProcate] shutdown stack and DUM.
Next by Date: Re: [reSIProcate] how to drop incoming packets at the socket (transport) layer
Previous by thread: Re: [reSIProcate] how to drop incoming packets at the socket (transport) layer
Next by thread: Re: [reSIProcate] how to drop incoming packets at the socket (transport) layer
Index(es):
- Date
- Thread