Discussion:
[Sip-implementors] Malicious Call Trace
Rastogi, Vipul (Vipul)
2009-04-20 07:12:49 UTC
Permalink
In case, called party (SIP endpoint) identifies, that current active
call is malicious, what message should it's B2Bua send to caller party
side (assuming to SIP end-point) ?
Also for next call from same caller (to same called party), what failure
error code be send back.
Thanks,
Vipul
Iñaki Baz Castillo
2009-04-20 07:50:05 UTC
Permalink
Post by Rastogi, Vipul (Vipul)
In case, called party (SIP endpoint) identifies, that current active
call is malicious, what message should it's B2Bua send to caller party
side (assuming to SIP end-point) ?
The first question I'd do is: how does the called party inform its
B2BUA about that malicius caller? perhaps via a web interface? Let's
assume it.
Post by Rastogi, Vipul (Vipul)
Also for next call from same caller (to same called party), what failure
error code be send back.
I expect that a "403 Forbidden" is enough good for this. But you could
also check the DERIVE draft in which a new SIP code is created to
reject calls from spoofed callers.
--
I?aki Baz Castillo
<ibc at aliax.net>
Peter Nijhuis
2009-04-20 08:38:03 UTC
Permalink
First there should be checked if the call is malicious. If checked an confirmed malicious, "403 Forbidden" should be a good response.

Acoording to the draft-kuthan-sip-derive-00. If a caller could not be verified correctly "434 Suspicious call" should be send. Based on verified identity a call can be accepted or rejected. This draft does not suite the situation where an active call is already been established. The draft just describes how to verify the UAC and how to respond.

So how can the UAS identify if a call is malicious during the call. Normally it should be checked before sending the 180 ACK.

Met vriendelijke groet, with kind regards, mit freundlichen Gru?
?
Televersal Support Center

Peter Nijhuis
-----Original Message-----
From: sip-implementors-bounces at lists.cs.columbia.edu [mailto:sip-
implementors-bounces at lists.cs.columbia.edu] On Behalf Of I?aki Baz
Castillo
Sent: maandag 20 april 2009 9:50
To: Rastogi, Vipul (Vipul)
Cc: sip-implementors at lists.cs.columbia.edu
Subject: Re: [Sip-implementors] Malicious Call Trace
Post by Rastogi, Vipul (Vipul)
In case, called party (SIP endpoint) identifies, that current active
call is malicious, what message should it's B2Bua send to caller
party
Post by Rastogi, Vipul (Vipul)
side (assuming to SIP end-point) ?
The first question I'd do is: how does the called party inform its
B2BUA about that malicius caller? perhaps via a web interface? Let's
assume it.
Post by Rastogi, Vipul (Vipul)
Also for next call from same caller (to same called party), what
failure
Post by Rastogi, Vipul (Vipul)
error code be send back.
I expect that a "403 Forbidden" is enough good for this. But you could
also check the DERIVE draft in which a new SIP code is created to
reject calls from spoofed callers.
--
I?aki Baz Castillo
<ibc at aliax.net>
_______________________________________________
Sip-implementors mailing list
Sip-implementors at lists.cs.columbia.edu
https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
Avasarala Ranjit-A20990
2009-04-20 09:17:43 UTC
Permalink
Hi Vipul

Check this I-D :
http://tools.ietf.org/html/draft-avasarala-sipping-reason-header-dynamic
-icb-00 . Here I try to address this issue by proposing a new SIP Reason
header protocol value to be included in outgoing BYE message to indicate
to SIP server that the call is unwanted and the caller should be blocked
either permanently or for a temporary period

Subsequent to blocking, the calling user would receive a 403 response or
a new 4xx indicate that the caller is a blocked caller.

Thanks


Regards
Ranjit

-----Original Message-----
From: sip-implementors-bounces at lists.cs.columbia.edu
[mailto:sip-implementors-bounces at lists.cs.columbia.edu] On Behalf Of
Rastogi, Vipul (Vipul)
Sent: Monday, April 20, 2009 12:43 PM
To: sip-implementors at lists.cs.columbia.edu
Subject: [Sip-implementors] Malicious Call Trace

In case, called party (SIP endpoint) identifies, that current active
call is malicious, what message should it's B2Bua send to caller party
side (assuming to SIP end-point) ?
Also for next call from same caller (to same called party), what failure
error code be send back.
Thanks,
Vipul

Loading...