83d7535d84
coturn will send 401 when receiving UDP packets with forged source IP. this can cause a flood of 401s at the victim. the primary concern appears to be that these packets are quite large compared to handshake packets below. TCP is also affected but effects are minimal because they will get discarded at the connection handshake level. UDP/TLS (DTLS) has similar handshake mechanism of TCP and effects are minimal. https://forum.cloudron.io/topic/13855/reflection-attack-via-stun-turn https://github.com/coturn/coturn/pull/1588
11 KiB
Executable File
11 KiB
Executable File