[a bit of thinking-out-load, sorry about that] hello, we're moving to asterisk 13 with chan_pjsip and i was planning on learning about inner workings of pjsip since we offer some features via couple of patches to old chan_sip which are to be updated to work with pjsip. that is of course if those features are not offered by pjsip... then this came up which i though could be a good learning project: some of our clients edge device still use old NAT and apparently that allows communication over an open port (in this case we care about whatever SIP port we're using) to go through without cross checking the sending machine's ip. huge security hole since sniffing out those old routers is all needed to get a hold of the phones and it's a walk in the park from there on. i think, for now, best is to upgrade those routers but first i need to find them. i am wondering what your thoughts are on how to go about finding those clients? as an idea, i thought -- in the words of the dear Brick Top -- why not try a righteous infliction of retribution manifested by an appropriate agent, personified in this case by an horrible aunt, me. [wait what] put simply i thought i would run the attack on clients' routers and see which one responds. given that scenario, at minimum, what should be sent from a make-believe attacking machine? an INVITE perhaps? or do whatever asterisk does when asking peers to 'qualify' and see if i can get credentials exposed that way. (can't find QUALIFY in rfcs though) jrun _______________________________________________ Visit our blog: http://blog.pjsip.org pjsip mailing list pjsip@xxxxxxxxxxxxxxx http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org
