Configuring Sip Message Policy Rules - AudioCodes Mediant 800B User Manual

User's Manual
17.5

Configuring SIP Message Policy Rules

You can configure SIP message policy rules for blocking (blacklist) unwanted incoming SIP
messages or allowing (whitelist) receipt of desired messages. This feature allows you to
define legal and illegal characteristics of a SIP message. Message policies can be applied
globally (default) or per signaling domain by assigning it to a SIP interface in the SIP
Interface table (see 'Configuring SIP Interface Table' on page 203).
This feature is helpful against VoIP fuzzing (also known as robustness testing), which
sends different types of packets to its "victims" for finding bugs and vulnerabilities. For
example, the attacker might try sending a SIP message containing either an over-sized
parameter or too many occurrences of a parameter.
Each message policy rule can be configured with the following:

Maximum message length

Maximum SIP header length

Maximum message body length

Maximum number of headers

Maximum number of bodies

Option to send 400 "Bad Request" response if message request is rejected

Blacklist and whitelist for defined SIP methods (e.g., INVITE)

Blacklist and whitelist for defined SIP bodies
Note:

To configure SIP message policy rules:
1. Open the Message Policy Table page (Configuration tab > VoIP menu > SIP
Definitions > Msg Policy & Manipulation > Message Policy Table).
2. Click the Add button; the Add Record dialog box appears:
Figure ‎ 1 7-6: Message Policy Table - Add Record Dialog Box
The policy defined above limits SIP messages to 32,768 characters, headers to 256
characters, bodies to 512 characters, number of headers to 16, and only permits two
Version 6.6
The Message Policy table can also be configured using the table ini file
parameter, MessagePolicy.
233
‎ 1 7. SIP Definitions
Mediant 800B GW & E-SBC