[VOIPSEC] RE: Preventing rogue RTP streams
Geoff Devine
gdevine at cedarpointcom.com
Thu May 19 06:36:37 CDT 2005
If you don't have a network device between the two endpoints to perform admission control, there is no way to prevent this condition. In theory, a SIP-aware NAT/Firewall device could shut the pin hole for the RTP stream when they see a SIP BYE. In this case, the admission control is done by your home or corporate NAT/Firewall instead of an SBC. Of course, this only works if you are signaling in the clear. As soon as you turn on SIP encryption, you're out of luck.
Geoff
________________________________
From: "Nhut Nguyen" <nnguyen at sta.samsung.com>
Subject: [VOIPSEC] Preventing rogue RTP streams
Hello everyone!
Since in SIP RTP packets are sent end-to-end how one can prevent SIP
endpoints to send RTP packets after a session was closed? I know that
SBCs handle this issue but am wondering if there are any other
solutions. Any pointers?
Thanks!
More information about the Voipsec
mailing list