Hi Inaki, Some inline notes :) :
Iñaki Baz Castillo wrote: > 2009/4/30 Dan Pascu <d...@ag-projects.com>: > >> I'm sure there is this kind (and unfortunately not in short supply), but >> you do realize that if some employee has a expertise to hack a SIP device >> to send abnormal BYE requests that attempt to fake the closing of the SIP >> session while preventing the media from closing, he also has the much >> simpler expertise to use skype or an un-hacked SIP device with a public, >> free, unaccounted SIP service. That boss cannot win this fight, though I >> have a feeling he is not willing to listen to reason. >> >> To be honest, I do not think there is an enforceable solution for such a >> case. No matter if you use session timers, or even if you use a media >> relay, the employees can always chose to use skype or another means to >> communicate which goes around the system completely. >> > > Yes, I agree on it. However I just wanted to mean that using a > media-proxy is not the best solution for all the cases, specially when > clients are behind same NAT (an office for example) from the open internet, you cannot tell (100% sure) if two devices are in the same subnet! it is a bit risky. > and the PBX/Proxy > is hosted in some datacenter. > Also, for calls to a gateway in our same datacenter, forcing the RTP > through a media-proxy is not the only solution. Using SessionTimers > (so a B2BUA is required and not just a proxy) is also a good solution > (and cheaper since no servers are needed for relaying the media). > I tend to agree SST is more efficient, but : (1) less accurate (20 minute timer has a good error :D) , (2) not widely supported by all devices and (3) exposed to hacks (as it is signalling, the same as acc). Regards, Bogdan > Just my opinion. Regards. > > > _______________________________________________ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users