[Freeswitch-users] OT: SIP and IP spoofing

Michael Giagnocavo mgg at giagnocavo.net
Wed Mar 3 16:31:54 PST 2010


Without knowing more about your account and provider, perhaps they have had issues with users getting their accounts hacked, so they added on IP authentication in addition to diget? Or maybe they've had issues with IP-auth people still having DoS type attacks by sending fake INVITEs and using up credit a bit at a time, so they added on digest? Or maybe they're paranoid?

-Michael


From: freeswitch-users-bounces at lists.freeswitch.org [mailto:freeswitch-users-bounces at lists.freeswitch.org] On Behalf Of Jonas Gauffin
Sent: Wednesday, March 03, 2010 1:07 AM
To: freeswitch-users at lists.freeswitch.org
Subject: [Freeswitch-users] OT: SIP and IP spoofing

Hello,

My sip gateway provider are using both IP address locking (only my servers IP addresses can use my gateway account) and Digest authentication on every call.
I asked why and they said that the account would be vulnerable to IP spoofing otherwise. Is that possible? I mean, if someone fakes my servers IP address in the packets, shouldn't the responses be sent back to my server and not the one creating the fake packets? Are there any other reasons to use both ip locking and digest authentication?

Regards,
  Jonas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20100303/9d9476fd/attachment-0002.html 


More information about the FreeSWITCH-users mailing list