Bug #2669: osm-msc doesn't clean up BSC state - OsmoMSC - Open Source Mobile Communications

Actions

Copy link

Bug #2669

open

osm-msc doesn't clean up BSC state

Added by laforge over 6 years ago. Updated over 5 years ago.

Status:

New

Priority:

Low

Assignee:

osmith

Category:

A interface (general)

Target version:

Start date:

11/20/2017

Due date:

% Done:

Resolution:

Spec Reference:

Description

If a BSC has ever sent a BSSMAP RESET to OsmoMSC we acknowledge this with a RESET-ACK. But then it appears we keep its state indefinitely and want to perform a MSC-originated RESET procedure in return. If the BSC never gets back, this process appears to continue indefinitely.

This is bad, as it means that anyone ever sending/spoofing a single "BSSMAP RESET" to OsmoMSC will be able to turn it into an "amplification attack" with OsmoMSC sending BSSMAP RESET in return.

In order to avoid this, we should probably do both of:

stop re-transmitting the BSSMAP RESET after some point and simply forget about the BSCs
introduce a "locked down" mode in which we don't accept BSSMAP from any random source out there, but only explicitly configured BSCs (in the VTY)

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Cellular Network Infrastructure » Core Network (CN) » OsmoMSC

Custom queries

Bug #2669

osm-msc doesn't clean up BSC state

Updated by laforge over 6 years ago

Updated by laforge over 6 years ago

Updated by dexter about 6 years ago

Updated by dexter about 6 years ago

Updated by laforge over 5 years ago