Project

General

Profile

Actions

Feature #6374

closed

Sticky buffers for sip headers

Added by Giuseppe Longo over 1 year ago. Updated 3 months ago.

Status:
Closed
Priority:
Normal
Target version:
Effort:
Difficulty:
Label:

Description

A common attack on sip servers consists of putting SQL injection or JS code into request headers.
Implementing sticky buffers that inspects on headers will permit to detect those attacks.

I propose to start adding keywords for the following fields:

- Via
- From
- To
- User-agent
- Content-type
- Content-length

Actions

Also available in: Atom PDF