-
-
Notifications
You must be signed in to change notification settings - Fork 147
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[RESEARCH]: Enhancing ACL effectiveness against spoofing #247
Comments
As of today, I'm restarting this research. The current approach I'm investigating combines the From, Request-URI, Via, Contact, and Route headers. The idea is to create an algorithm that examines various headers based on a selected policy. The policy will indicate which header(s) to consider. For example, the following ACL mandates using the Contact header as the primary source of trust:
Since these headers are crucial for delivering SIP messages, this approach seems to be the most reasonable way to implement this feature. |
Is your feature request related to a problem?
Research and validate methods to enhance ACL's resilience to spoofing
Describe the solution you'd like
NA
Describe alternatives you've considered
None
Additional context
In a Kubernetes environment, Routr faces challenges with ACL due to obfuscated IP addresses. IPs are sourced from SIP headers, which are not immune to spoofing.
The text was updated successfully, but these errors were encountered: