<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Brian West wrote:
<blockquote cite="mid:D83C1854-5C0C-4238-852C-A7CA28513AA7@mac.com"
type="cite">
<pre wrap="">On Dec 26, 2007, at 8:02 AM, David Knell wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Less wordily, any user can get any other user's calls by changing
their SIP username
to match that user's.
</pre>
</blockquote>
<pre wrap=""><!---->
How can they do that if auth calls is turned on? If you have blind
reg on then sure someone could.
</pre>
</blockquote>
They can do it because their SIP username is not necessarily the same
as the name<br>
used for authentication, and its the SIP username that's used for call
routing. Here's a bit<br>
of a REGISTER:<br>
<br>
Via: SIP/2.0/UDP
192.168.0.103:42074;branch=z9hG4bK-d8754z-894af021546db132-1---d8754z-;rport<br>
Max-Forwards: 70<br>
Contact:
<a class="moz-txt-link-rfc2396E" href="sip:sipusername@75.71.186.17:42074;rinstance=65c73083353adf9d"><sip:sipusername@75.71.186.17:42074;rinstance=65c73083353adf9d></a>;expires=0<br>
To: "sipdisplayname"<a class="moz-txt-link-rfc2396E" href="sip:sipusername@78.129.143.200"><sip:sipusername@78.129.143.200></a><br>
From:
"sipdisplayname"<a class="moz-txt-link-rfc2396E" href="sip:sipusername@78.129.143.200"><sip:sipusername@78.129.143.200></a>;tag=b2127143<br>
Call-ID: NjY0MmU5ZjhhMTJhZmFlYWJhMmM4MDY3NTVjZjlkYWI.<br>
CSeq: 3 REGISTER<br>
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE,
SUBSCRIBE, INFO<br>
User-Agent: eyeBeam release 1013t stamp 43070<br>
Authorization: Digest
username="sipauthname",realm="78.129.143.200",nonce="2da9c5ae-b512-11dc-92d4a9bf24bac484",uri=<a class="moz-txt-link-rfc2396E" href="sip:78.129.143.200">"sip:78.129.143.200"</a>,response="c13fe382888ec016e234595b608caab0",cnonce="780c520efb22fe9fdf270fd8cd5e2a28",nc=00000002,qop=a<br>
Content-Length: 0<br>
<br>
- note that sipdisplayname, sipusername and sipauthname are all
distinct.<br>
<br>
--Dave<br>
<br>
</body>
</html>