A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Addressing an Amplification Vulnerability in Session Initiation Protocol (SIP) Servers
Author(s) : T. Zourzouvillys
Filename : draft-zourzouvillys-sip-via-cookie-00.txt
Pages : 13
Date : 2009-02-19
This document addresses a vulnerability in publicly accessible SIP
servers (servers includes both UASes and proxies) that enables them
to be used as an amplifier in a reflected denial of service attack.
As a proposed solution, a mechanism for stateless cookie exchange
between a SIP server and client to ensure that a public SIP server
that wishes to accept SIP requests from hosts over datagram can not
be used as an amplifier for a denial of service attack.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-zourzouvillys-sip-via-cookie-00.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-zourzouvillys-sip-via-cookie-00.txt>
-
_______________________________________________
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
