Hi Aaron: Not a SIP expert, but I think I have a clue. I think there is a single answer to both of your questions... Answer is to use Session Expiry. Basically a NSP/TSP should enfore Session Exipery using Session Timers. Session should terminate in a pre-determined amount of time, unless the UA refreshes it. There's a catch though, if the DoS is due to a malicious UA, then it may keep refreshing the Session-Timer, in which case the only protection you have is Authentication of user, and Authorization... If inspite of a good-AA you still have a malicious intrusion, you need some heuristics based monitoring things...
thanks & regards, bani > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf > Of Dhiman, Aaron > Sent: Thursday, January 20, 2005 8:48 PM > To: SIP-list (E-mail) > Subject: [Sip-implementors] Couple of Questions > > 1. How is DoS generally prevented in the case of users' > setting up multiple calls and getting allocated media > resources, but never sending a BYE (assuming that the session > has no life-span)? > > 2. A related Question: How do you mitigate billing if a > user's BYE is lost for some reason (like abnormal client termination)? > > > Thanks, > > Aaron Dhiman > Nextel Communications > Engineering Development > Yahoo! IM: aarondhiman > Mobile: 571-220-9678 > > > _______________________________________________ > Sip-implementors mailing list > [email protected] > http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors > > _______________________________________________ Sip-implementors mailing list [email protected] http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
