Search RFCs
RFC 5393
Addressing an Amplification Vulnerability in Session Initiation Protocol (SIP) Forking Proxies,December 2008
- File formats:
- Status:
- PROPOSED STANDARD
- Updates:
- RFC 3261
- Authors:
- R. Sparks, Ed.
S. Lawrence
A. Hawrylyshen
B. Campen - Stream:
- IETF
- Source:
- sip (rai)
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC5393
Discuss this RFC: Send questions or comments to the mailing listsipcore@ietf.org
Other actions:Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 5393
Abstract
This document normatively updates RFC 3261, the Session InitiationProtocol (SIP), to address a security vulnerability identified in SIPproxy behavior. This vulnerability enables an attack against SIPnetworks where a small number of legitimate, even authorized, SIPrequests can stimulate massive amounts of proxy-to-proxy traffic.
This document strengthens loop-detection requirements on SIP proxieswhen they fork requests (that is, forward a request to more than onedestination). It also corrects and clarifies the description of theloop-detection algorithm such proxies are required to implement.Additionally, this document defines a Max-Breadth mechanism forlimiting the number of concurrent branches pursued for any givenrequest. [STANDARDS-TRACK]
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.