Hi Gavin, I thought to do something similar ;)
As I can see in the code, you count somebody as a bad actor just because of one UDP packet is received. It is a bad idea, because it is easy to spoof that packet and make a DoS against some good actor.
Right way: you have to simulate a SIP dialog with this actor, i.e. reply them something and wait for the reaction. If the reaction will be like in a normal SIP call processing - congratulations, you found a hacker! If not, like you sent them a packet they do not expect - it is a DoS and a spoofed packet.
24.11.21 23:19, Gavin Henry пише:
Hi all, I hope you don't mind the post, but thought this might be of use and in the spirit of release early, release often I've done an alpha release: https://github.com/SentryPeer/SentryPeer There's a presentation too if you'd like to watch/read where I hope to go with this: https://blog.tadsummit.com/2021/11/17/sentrypeer/ Working on the API and web UI next, then the p2p part of it. Feel free to submit any feature requests or have a play :-) Thanks for reading and any feedback is welcome!
