I-D Action:draft-zourzouvillys-sip-via-cookie-02.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



A New Internet-Draft is available from the on-line Internet-Drafts directories.

	Title           : Addressing an Amplification Vulnerability in Session Initiation Protocol (SIP) Servers
	Author(s)       : T. Zourzouvillys
	Filename        : draft-zourzouvillys-sip-via-cookie-02.txt
	Pages           : 20
	Date            : 2009-03-02

This document addresses a vulnerability in publicly accessible SIP
servers (servers includes both UASes and proxies) that enables them
to be used as an amplifier in an untracable reflected denial of
service attack.  The amplification ratio is between 1:10 to over
1:350 in both packets and bytes.

As a proposed solution, a mechanism for stateless cookie exchange
between a SIP server and client to ensure that a public SIP server
that wishes to accept SIP requests from hosts over datagram can not
be used as an amplifier for a denial of service attack.  This brings
SIP over datagram transports (such as UDP) in line with TCP in terms
of routability to the source IP address.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-zourzouvillys-sip-via-cookie-02.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
<ftp://ftp.ietf.org/internet-drafts/draft-zourzouvillys-sip-via-cookie-02.txt>
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux