Re: [Sip-implementors] Fraudulent BYE through a proxy doing accounting

Thu, 18 Dec 2008 03:10:40 -0800 

On Thu, Dec 18, 2008 at 11:44 AM, Iñaki Baz Castillo <i...@aliax.net> wrote:
> Hi, I really wonder how vulnerable can be a proxy for accounting
> purposes (even if I already know it's commonly implemented).
> Theorically a proxy doesn't need to be dialog aware, it must be
> transaction aware, so when an INVITE/CANCEL/BYE arrives it sends the
> accounting info (for example, using Radius).
>
> Let me explain the following case:
>
>
> --------------------------------------------------------------------------
> alice                         proxy (Acc)                    gateway
>
> INVITE (CSeq 12)  ------>
> <-------- 407 Proxy Auth
>
> INVITE (CSeq 13)  ------>
>                                              INVITE (CSeq 13)  ------>
>                                              <------------------- 200 Ok
> <------------------- 200 Ok
>                          << Acc START >>
> ACK (CSeq 13) ----------->
>                                              ACK (CSeq 13) ----------->
>
> <******************* RTP ************************>
>
> # Fraudulent BYE !!!
> BYE (CSeq 10) ----------->
>                          << Acc STOP >>
>                                              BYE (CSeq 10) ----------->
>                                              <-- 500 Req Out of Order
> <-- 500 Req Out of Order
> --------------------------------------------------------------------------
>
> The call hasn't finished, but the proxy has ended the accounting for
> this call since it received a BYE.
>
> So, the caller/attacker just needs to send a BYE with lower CSeq (or
> the same as the last in-dialog request) so the UAS will ignore it (500
> "Request Out Of Order"). But since the proxy doesn't know about
> dialogs, it will perform the Acc STOP action for that call (From_tag,
> To_tag, Call-ID).
>
>
> How could a non dialog awareness proxy solve it?

In case you want to prevent "external_attackers", the proxy may ask
for authentication once it receives the BYE request (as you show for
the initial INVITE message):

alice                         proxy (Acc)                    gateway

BYE  ------>
<-------- 407 Proxy Auth

BYE  ------>
                          << Acc STOP >>

To prevent from "your own customers", use a dialog stateful proxy for accounting
-- 
Victor Pascual Ávila

_______________________________________________
Sip-implementors mailing list
Sip-implementors@lists.cs.columbia.edu
https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors

Reply via email to