Re: [Sip] draft-state-sip-relay-attack-00

Victor Pascual Ávila <victor.pascual.avila@gmail.com> Sat, 07 March 2009 21:14 UTC


On Sat, Mar 7, 2009 at 9:45 PM, Hadriel Kaplan <HKaplan@acmepacket.com> wrote:
>
>
>> -----Original Message-----
>> From: Jan Janak [mailto:jan@ryngle.com]
>> Sent: Saturday, March 07, 2009 2:51 PM
>>
>> I am not sure I understand how accepting/not-accepting INVITEs from
>> non-registered contacts makes it different, could you elaborate?
>
> Assume Bob is bad, Alice is the victim.
> The setup for the attack is such that Bob sends an INVITE to/through Alice's domain, pretending to be Alice.  Alice's domain challenges the INVITE, which Bob passes on to Alice, and using her challenge-response Bob challenge-responds to Alice's domain.  Right?
>
> I am arguing that in common practice (in my particular market space, anyway), Alice's domain wouldn't accept Bob's spoofed INVITE to begin with.  Because it requires Bob's UA to actually be Registered as Alice in order to send in an INVITE pretending to be Alice.

As an example: what would proxy.com check upon receipt of Bob's
spoofed INVITE over UDP (forging packet source IP and port)?

Thanks!
-- 
Victor Pascual Ávila