
RFC 5393

"Addressing an Amplification Vulnerability in Session Initiation Protocol (SIP) Forking Proxies", December 2008

Canonical URL: http://www.rfc-editor.org/rfc/rfc5393.txt
This document is also available in this non-normative format: PDF.
Status: PROPOSED STANDARD
Updates: RFC 3261
Authors: R. Sparks, Ed.; S. Lawrence; A. Hawrylyshen; B. Campen
Stream: IETF
Source: sip (rai)



Abstract

This document normatively updates RFC 3261, the Session Initiation Protocol (SIP), to address a security vulnerability identified in SIP proxy behavior. This vulnerability enables an attack against SIP networks where a small number of legitimate, even authorized, SIP requests can stimulate massive amounts of proxy-to-proxy traffic. This document strengthens loop-detection requirements on SIP proxies when they fork requests (that is, forward a request to more than one destination). It also corrects and clarifies the description of the loop-detection algorithm such proxies are required to implement. Additionally, this document defines a Max-Breadth mechanism for limiting the number of concurrent branches pursued for any given request. [STANDARDS-TRACK]


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.

