User's Manual 374 Document #: LTRT-27045
Mediant 1000B Gateway & E-SBC
Parameter Description
[MessageManipulations_Acti
onValue]
The default value is a string (case-insensitive) in the following syntax:
string/<message-element>/<call-param> +
string/<message-element>/<call-param>
For example:
'itsp.com'
header.from.url.user
param.call.dst.user
param.call.dst.host + '.com'
param.call.src.user + '<' + header.from.url.user + '@' + header.p-
asserted-id.url.host + '>'
Note: Only single quotation marks must be used.
18.4 Configuring SIP Message Policy Rules
The Message Policies table lets you configure up to 20 SIP Message Policy rules. SIP
Message Policy rules are used to block (blacklist) unwanted incoming SIP messages or
permit (whitelist) receipt of desired SIP messages. You can configure legal and illegal
characteristics of SIP messages. This feature is helpful against VoIP fuzzing (also known
as robustness testing), which sends different types of packets to its "victims" for finding
bugs and vulnerabilities. For example, the attacker might try sending a SIP message
containing either an oversized parameter or too many occurrences of a parameter.
You can also enable the Message Policy to protect the device against incoming SIP
messages with malicious signature patterns, which identify specific scanning tools used by
attackers to search for SIP servers in a network. To configure Malicious Signatures, see
''Configuring Malicious Signatures'' on page 701.
Each Message Policy rule can be configured with the following:
Maximum message length
Maximum header length
Maximum message body length
Maximum number of headers
Maximum number of bodies
Option to send 400 "Bad Request" response if message request is rejected
Blacklist and whitelist for defined methods (e.g., INVITE)
Blacklist and whitelist for defined bodies
Malicious Signatures
The Message Policies table provides a default Message Policy called "Malicious Signature
DB Protection" (Index 0), which is based only on Malicious Signatures and discards SIP
messages identified with any of the signature patterns configured in the Malicious
Signature table.
To apply a SIP Message Policy rule to calls, you need to assign it to the SIP Interface
associated with the relevant IP Group (see ''Configuring SIP Interfaces'' on page 326).
The following procedure describes how to configure Message Policy rules through the Web
interface. You can also configure it through ini file (MessagePolicy) or CLI (configure voip >
message message-policy).
To configure SIP Message Policy rules:
1. Open the Message Policies table (Setup menu > Signaling & Media tab > Message
To Next Page
Loading...
Need help?
General
