< Previous by Date Date Index Next by Date >
< Previous in Thread Thread Index Next in Thread >

RE: [reSIProcate] how to drop incoming packets at the socket (transport) layer


Hi Jason,

This solution still requires parsing a SIP message, which makes it
vulnerable to attacks on the parser.  

I believe that software applications should have some awareness of system
level security, should not assume that someone else will solve this problem
completely and provide whatever reasonable means to help facilitate an
overall solution to security.  Exposing an incoming packet's source
information, I believe, is a reasonable means of adding to an applications
overall security solution.

Thanks,

-Justin

-----Original Message-----
From: jason.fischl@xxxxxxxxx [mailto:jason.fischl@xxxxxxxxx] On Behalf Of
Jason Fischl
Sent: Saturday, January 07, 2006 12:01 PM
To: Justin Matthews
Cc: Alan Hawrylyshen; resiprocate-devel@xxxxxxxxxxxxxxxxxxx
Subject: Re: [reSIProcate] how to drop incoming packets at the socket
(transport) layer

>
> 1) This is directly related to security, which will be an increasingly
> important issue in the SIP space.

I think the IETF approach to this problem is to use the sip-identity
mechanism specified in
http://www.softarmor.com/wgdb/docs/draft-ietf-sip-identity-05.txt.