Transparent weaknesses in VoIP

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Transparent weaknesses in VoIP"

Transcription

1 Transparent weaknesses in VoIP Peter Thermos 2007 Palindrome Technologies, All Rights Reserved 1 of 56

2 Speaker Background Consulting Government and commercial organizations, consulting on information security and assurance, InfoSec program development and management, vulnerability assessments, security architecture, NGN/VoIP/IMS. Research Principal investigator on research tasks, in the area of Internet Multimedia and Next Generation Networks (VoIP) and security, that were are funded by government organizations such as NIST (National Institute of Standards and Technology), DARPA (Defense Advanced Research Agency), NSF (National Science Foundation) and others. In addition he has been working with domestic and foreign Telecommunications carriers and Fortune 500 companies on identifying security requirements for IMS/NGN and VoIP, conducting vulnerability assessments and product evaluations. Member of IETF/IEEE/ACM. Education MS,CS Columbia University 2007 Palindrome Technologies, All Rights Reserved 2 of 56

3 Outline Quick intro Then and now Attacks Transparent weaknesses MGCP ZRTP Other attacks Presence hijacking Caller-ID spoofing How do we secure NGN /VoIP networks and conclusions SiVuS 1.10 Additional references 2007 Palindrome Technologies, All Rights Reserved 3 of 56

4 Present and Future (Summary) PSTN Network Closed therefore secure High availability (99.999%) Limited connection to IP (OSS provisioning, management) IP Network Loose access controls. Best effort Connected to accessible IP networks. There There is is one one safeguard safeguard known known generally generally to to the the wise, wise, which which is is an an advantage advantage and and security security to to all, all, but but especially especially to to democracies democracies as as against against despots. despots. What What is is it? it? Distrust. Distrust... Demosthenes Demosthenes (c. (c B.C.), B.C.), Greek Greek orator. orator. Second Second Philippic, Philippic, sct. sct (344 (344 B.C.) B.C.) 2007 Palindrome Technologies, All Rights Reserved 4 of 56

5 Now - The Converged Network 2007 Palindrome Technologies, All Rights Reserved 5 of 56

6 Components and Signaling Protocols 2007 Palindrome Technologies, All Rights Reserved 6 of 56

7 Outline Quick intro Then and now Attacks Transparent weaknesses MGCP ZRTP Other attacks Presence hijacking Caller-ID spoofing How do we secure NGN /VoIP networks and conclusions SiVuS 1.10 Additional references 2007 Palindrome Technologies, All Rights Reserved 7 of 56

8 Attacks Attacks Service disruption (amplification attacks DoS/DDoS) Eavesdropping (including traffic analysis) Fraud (including service and intellectual assets, confidential information) Unauthorized access (compromise systems with intentions to attack other systems or exploit vulnerabilities to commit fraud and eavesdropping). Annoyance (e.g. SPIT) Target(s) Network Owners, Service Providers, Subscribers Network Owners, Service Providers, Subscribers Network Owners, Service Providers Network Owners, Service Providers, Subscribers Subscribers 2007 Palindrome Technologies, All Rights Reserved 8 of 56

9 Where are the vulnerabilities? Threat model, vulnerabilities originate from the difficulty to foresee future threats (e.g. Signaling System No.7) Design & specification vulnerabilities come from errors or oversights in the design of the protocol that make it inherently vulnerable (e.g., SIP, MCGP, b) Implementation vulnerabilities are vulnerabilities that are introduced by errors in a protocol implementation Architecture, network topology and association (e.g. routing) with other network elements Palindrome Technologies, All Rights Reserved 9 of 56

10 Attack Categories Attack Categories Service disruption (DoS/DDoS) Against phones, proxies, routers SIP/MGCP/H.323/RTP Affects edge-devices, overloads signaling elements and consumes network bandwidth Unauthorized access Network elements including subscriber devices, voice mail, , DNS, NTP, DHCP servers. Service Applications Management systems Provisioning Systems Billing Systems Eavesdropping and traffic analysis Fraud Network element compromise Manipulating the signaling messages and/or call flow 2007 Palindrome Technologies, All Rights Reserved 10 of 56

11 We will focus on.. MGCP manipulation Remote eavesdropping Call diversion Call disruption ZRTP weaknesses But we will also discuss Presence hijacking Caller-ID spoofing 2007 Palindrome Technologies, All Rights Reserved 11 of 56

12 MGCP Media Gateway Control Protocol IETF RFC 2705 Ports 2427 call agent to gateway 2727 gateway to call agent 2007 Palindrome Technologies, All Rights Reserved 12 of 56

13 MGCP message structure 2007 Palindrome Technologies, All Rights Reserved 13 of 56

14 MGCP at the gateway 2007 Palindrome Technologies, All Rights Reserved 14 of 56

15 Remote eavesdropping through media rerouting 2007 Palindrome Technologies, All Rights Reserved 15 of 56

16 The steps 1. Identify gateway channels 2. Interrogating a channel 3. Audit a specific connection 4. Reroute 2007 Palindrome Technologies, All Rights Reserved 16 of 56

17 Identify gateway channels Attacker request AUEP 1500 MGCP 0.1 Gateway response Z: Z: Z: Z: 2007 Palindrome Technologies, All Rights Reserved 17 of 56

18 Interrogating a channel Attacker request AUEP 1000 MGCP 0.1 F: R,D,S,X,N,I,T,O,ES Gateway response I: 2EDA N: X: 1 R: D/[0-9ABCD*#](N) S: O: T: ES: Important info to note (connection ID) Important info to note (associated call manager) 2007 Palindrome Technologies, All Rights Reserved 18 of 56

19 Audit a specific connection Attacker request AUCX 1 MGCP 1.0 I: 2EDA F: C,N,L,M,LC,RC,P Gateway response C: D F d N: L: p:20, a:pcmu, s:off, t:b8 M: sendrecv P: PS=9817, OS= , PR=9817, OR= , PL=0, JI=60, LA=0 v=0 c=in IP m=audio RTP/AVP a=rtpmap:100 X-NSE/8000 a=fmtp: Palindrome Technologies, All Rights Reserved 19 of 56

20 This might work Attacker request MDCX 1553 MGCP 0.1 C: D e0e000000F580001f6d I: 2EDA X: 16 L: p:20, a:pcmu, s:off, t:b8 M: sendrecv R: D/[0-9ABCD*#] Q: process, loop v=0 o= IN EPN s=disco SDP 0 t=0 0 m=audio RTP/AVP 0 c=in IP Palindrome Technologies, All Rights Reserved 20 of 56

21 Ergo 2007 Palindrome Technologies, All Rights Reserved 21 of 56

22 Consequences Ability to: eavesdrop in to conference calls man in the middle by impersonating as a call manager (EPCF, end-point configuration) Call disruption (DLCX, delete a connection) Originate a calls 2007 Palindrome Technologies, All Rights Reserved 22 of 56

23 Protection Does defense in depth tells you anything? Buller? Network ACL s to prevent access to MGCP ports (2427) from un-trusted hosts. Establish a trust relationship between CA and gateway IPSec 2007 Palindrome Technologies, All Rights Reserved 23 of 56

24 Zfone protects voice except 2007 Palindrome Technologies, All Rights Reserved 24 of 56

25 Zfone Implementation of ZRTP ZRTP key exchange through the media path (RTP) 2007 Palindrome Technologies, All Rights Reserved 25 of 56

26 ZRTP key exchange 2007 Palindrome Technologies, All Rights Reserved 26 of 56

27 Analysis of ZRTP traffic 2007 Palindrome Technologies, All Rights Reserved 27 of 56

28 DTMF tones are not encrypted 2007 Palindrome Technologies, All Rights Reserved 28 of 56

29 Examples of DTMF use IVR Interactive Voice Response system (navigation and authentication) Credit card verification Bank account management Customer support call center 2007 Palindrome Technologies, All Rights Reserved 29 of 56

30 Protection approach Extend ZRTP/Zfone implementation to protect DTMF Send DTMF through protected signaling 2007 Palindrome Technologies, All Rights Reserved 30 of 56

31 Attacks - Spoofing Caller-ID 2007 Palindrome Technologies, All Rights Reserved 31 of 56

32 Companies that offer Caller-ID Spoofing Palindrome Technologies, All Rights Reserved 32 of 56

33 Spoofing Caller-ID using SiVuS Manipulate the FROM header information Send and INVITE to a phone 2007 Palindrome Technologies, All Rights Reserved 33 of 56

34 Attacks - Presence Hijacking Presence Hijacking/Masquerading Attack using SIP 2007 Palindrome Technologies, All Rights Reserved 34 of 56

35 Presence Hijacking using SiVuS The objective is to spoof a REGISTER request The REGISTER request contains the Contact: header which indicates the IP address of the SIP device Palindrome Technologies, All Rights Reserved 35 of 56

36 Presence Hijacking using SiVuS Regular Register Request 2007 Palindrome Technologies, All Rights Reserved 36 of 56

37 The Attack 2007 Palindrome Technologies, All Rights Reserved 37 of 56

38 Manipulated REGISTER request properties IP address of the VoIP device on which a POTS phone is attached REGISTER sip: SIP/2.0 Via: SIP/2.0/UDP ;branch=xajB6FLTEHIcd0 From: To: Call-ID: CSeq: REGISTER Contact: Digest username=" ",realm=" ",nonce=" ", uri="sip:voip-service-provider.net:5061",algorithm=md5, response="43e001d2ef807f1e2c96e78adfd50bf7" Max_forwards: 70 User Agent: E57E31 VoIP-Router/RT31P (LIVd) Content-Type: application/sdp Subject: SiVuS Test Expires: 7200 Content-Length: 0 IP address that calls will be routed to (attacker) Authentication MD5 digest can be intercepted and used to replay messages 2007 Palindrome Technologies, All Rights Reserved 38 of 56

39 Presence Hijacking using SiVuS The REGISTER Message 2007 Palindrome Technologies, All Rights Reserved 39 of 56

40 Outline Quick intro Then and now Attacks Transparent weaknesses MGCP ZRTP Other attacks Presence hijacking Caller-ID spoofing How do we secure NGN /VoIP networks and conclusions SiVuS 1.10 Additional references 2007 Palindrome Technologies, All Rights Reserved 40 of 56

41 How do we secure NGN/VoIP networks? Assess and Verify Assess and Verify From the ground up From the ground up SECURITY is is NOT NOT a product, it s it s a PROCESS!! 2007 Palindrome Technologies, All Rights Reserved 41 of 56 Page 41

42 Outline Quick intro Then and now Attacks Transparent weaknesses MGCP ZRTP Other attacks Presence hijacking Caller-ID spoofing How do we secure NGN /VoIP networks and conclusions SiVuS 1.10 Additional references 2007 Palindrome Technologies, All Rights Reserved 42 of 56

43 Vulnerability Assessment SiVuS 2007 Palindrome Technologies, All Rights Reserved 43 of 56

44 SiVuS Message Generator 2007 Palindrome Technologies, All Rights Reserved 44 of 56

45 SiVuS - Discovery 2007 Palindrome Technologies, All Rights Reserved 45 of 56

46 SiVuS configuration 2007 Palindrome Technologies, All Rights Reserved 46 of 56

47 SiVuS Control Panel 2007 Palindrome Technologies, All Rights Reserved 47 of 56

48 SiVuS Reporting 2007 Palindrome Technologies, All Rights Reserved 48 of 56

49 SiVuS Authentication Analysis 2007 Palindrome Technologies, All Rights Reserved 49 of 56

50 Outline Quick intro Then and now Attacks Transparent weaknesses MGCP ZRTP Other attacks Presence hijacking Caller-ID spoofing How do we secure NGN /VoIP networks and conclusions SiVuS 1.10 Additional references 2007 Palindrome Technologies, All Rights Reserved 50 of 56

51 Additional references 2007 Palindrome Technologies, All Rights Reserved 51 of 56

52 References VoIPSA VoIP Security Alliance, The VoP Security Forum, NIST Security Considerations for VoIP Systems Voice over Internet Protocol (VoIP), Security Technical Implementation Guide (DISA) IP Telephony Tutorial, Signaling System 7 (SS7), SIP - IP Telephonly with SIP - SIP Tutorials The Session Initiation Protocol (SIP) SIP and the new network communications model H.323 ITU Standards, Third Generation Partnership Project (3gpp), Palindrome Technologies, All Rights Reserved 52 of 56

53 Standards ITU Focus Group on Next Generation Networks (FGNGN ) - Open Communications Architecture Forum (OCAF) Focus Group IETF Transport area - Security Area - ATIS - T1S1.1--Lawfully Authorized Electronic Surveillance T1S1.2--Security Lawful Intercept 3GPP - TS and TS ETSI DTS 102 v Palindrome Technologies, All Rights Reserved 53 of 56

54 VoP Security Forum The objectives of the VoPSecurity.org forum: Encourage education in NGN/VoIP security through publications, online forums and mailing lists and Develop capabilities (tools, interoperability testing, methodologies and best practices) for members to maintain security in their respective infrastructure. Conduct research to help identify vulnerabilities and solutions associated with NGN/VoIP. Coordinate annual member meetings to disseminate information, provide updates and promote interaction and initiatives regarding NGN/VoIP security. The VoP Security forum is viewed as a mechanism for participating members to be proactive and stay current with the threats and vulnerabilities associated with NGN/VoIP security and extend research in this area Palindrome Technologies, All Rights Reserved 54 of 56

55 VoPSecurity Forum Current Activities Mailing lists Public Documentation Intro to NGN Security (available) Join the community! Vulnerability Analysis Methodology for VoIP networks (in development) VoIP Firewalls (in development) Tools SiVuS VoIP vulnerability Scanner (available) Research Security evaluation of residential VoIP gateways 2007 Palindrome Technologies, All Rights Reserved 55 of 56

56 Q & A Contact info: Peter Thermos Palindrome Technologies, All Rights Reserved 56 of 56

Vulnerabilities in SOHO VoIP Gateways

Vulnerabilities in SOHO VoIP Gateways Vulnerabilities in SOHO VoIP Gateways Is grandma safe? Peter Thermos pthermos@vopsecurity.org pthermos@palindrometechnologies.com 1 Purpose of the study VoIP subscription is growing and therefore security

More information

Security behind the dial tone. VoIP Security Threats, Vulnerabilities, Countermeasures, and Best Practices

Security behind the dial tone. VoIP Security Threats, Vulnerabilities, Countermeasures, and Best Practices Security behind the dial tone VoIP Security Threats, Vulnerabilities, Countermeasures, and Best Practices ISSA Meeting 03/08 Peter Thermos Principal Consultant peter.thermos@palindrometech.com Tel: 732

More information

NTP VoIP Platform: A SIP VoIP Platform and Its Services

NTP VoIP Platform: A SIP VoIP Platform and Its Services NTP VoIP Platform: A SIP VoIP Platform and Its Services Speaker: Dr. Chai-Hien Gan National Chiao Tung University, Taiwan Email: chgan@csie.nctu.edu.tw Date: 2006/05/02 1 Outline Introduction NTP VoIP

More information

How to make free phone calls and influence people by the grugq

How to make free phone calls and influence people by the grugq VoIPhreaking How to make free phone calls and influence people by the grugq Agenda Introduction VoIP Overview Security Conclusion Voice over IP (VoIP) Good News Other News Cheap phone calls Explosive growth

More information

Application Notes for Configuring SIP Trunking between McLeodUSA SIP Trunking Solution and an Avaya IP Office Telephony Solution 1.

Application Notes for Configuring SIP Trunking between McLeodUSA SIP Trunking Solution and an Avaya IP Office Telephony Solution 1. Avaya Solution & Interoperability Test Lab Application Notes for Configuring SIP Trunking between McLeodUSA SIP Trunking Solution and an Avaya IP Office Telephony Solution 1.0 Abstract These Application

More information

VoIP some threats, security attacks and security mechanisms. Lars Strand RiskNet Open Workshop Oslo, 24. June 2009

VoIP some threats, security attacks and security mechanisms. Lars Strand RiskNet Open Workshop Oslo, 24. June 2009 VoIP some threats, security attacks and security mechanisms Lars Strand RiskNet Open Workshop Oslo, 24. June 2009 "It's appalling how much worse VoIP is compared to the PSTN. If these problems aren't fixed,

More information

The Purpose of a SIP-Aware Firewall/ALG

The Purpose of a SIP-Aware Firewall/ALG NetVanta Unified Communications Technical Note The Purpose of a SIP-Aware Firewall/ALG Introduction This technical note will explore the purpose of a Session Initiation Protocol (SIP)-aware firewall/application

More information

Ingate Firewall/SIParator SIP Security for the Enterprise

Ingate Firewall/SIParator SIP Security for the Enterprise Ingate Firewall/SIParator SIP Security for the Enterprise Ingate Systems February, 2013 Ingate Systems AB (publ) Tel: +46 8 600 77 50 BACKGROUND... 1 1 NETWORK SECURITY... 2 2 WHY IS VOIP SECURITY IMPORTANT?...

More information

Media Gateway Controller RTP

Media Gateway Controller RTP 1 Softswitch Architecture Interdomain protocols Application Server Media Gateway Controller SIP, Parlay, Jain Application specific Application Server Media Gateway Controller Signaling Gateway Sigtran

More information

An outline of the security threats that face SIP based VoIP and other real-time applications

An outline of the security threats that face SIP based VoIP and other real-time applications A Taxonomy of VoIP Security Threats An outline of the security threats that face SIP based VoIP and other real-time applications Peter Cox CTO Borderware Technologies Inc VoIP Security Threats VoIP Applications

More information

Three-Way Calling using the Conferencing-URI

Three-Way Calling using the Conferencing-URI Three-Way Calling using the Conferencing-URI Introduction With the deployment of VoIP users expect to have the same functionality and features that are available with a landline phone service. This document

More information

CPNI VIEWPOINT 02/2007 ENTERPRISE VOICE OVER IP

CPNI VIEWPOINT 02/2007 ENTERPRISE VOICE OVER IP ENTERPRISE VOICE OVER IP AUGUST 2007 Abstract Voice over IP (VoIP) is the term used for a set of technologies that enable real time voice or video conversations to take place across IP networks. VoIP devices

More information

SIP Essentials Training

SIP Essentials Training SIP Essentials Training 5 Day Course Lecture & Labs COURSE DESCRIPTION Learn Session Initiation Protocol and important protocols related to SIP implementations. Thoroughly study the SIP protocol through

More information

Cisco VoIP (in)security

Cisco VoIP (in)security Cisco VoIP (in)security Sandro GAUCI sandro@enablesecurity.com Joffrey CZARNY snorky@insomnihack.net VoIP VoIP (Voice over IP) is a technology to allows Voice communication over IP network Call flow VLAN

More information

Voice over IP (SIP) Milan Milinković milez@sbox.tugraz.at 30.03.2007.

Voice over IP (SIP) Milan Milinković milez@sbox.tugraz.at 30.03.2007. Voice over IP (SIP) Milan Milinković milez@sbox.tugraz.at 30.03.2007. Intoduction (1990s) a need for standard protocol which define how computers should connect to one another so they can share media and

More information

VoIP Signaling and Call Control

VoIP Signaling and Call Control VoIP Signaling and Call Control Cisco Networking Academy Program 1 Need for Signaling and Call Control 2 Model for VoIP Signaling and Call Control VoIP signaling components Endpoints Common control Common

More information

AV@ANZA Formación en Tecnologías Avanzadas

AV@ANZA Formación en Tecnologías Avanzadas SISTEMAS DE SEÑALIZACION SIP I & II (@-SIP1&2) Contenido 1. Why SIP? Gain an understanding of why SIP is a valuable protocol despite competing technologies like ISDN, SS7, H.323, MEGACO, SGCP, MGCP, and

More information

SIP Basics. CSG VoIP Workshop. Dennis Baron January 5, 2005. Dennis Baron, January 5, 2005 Page 1. np119

SIP Basics. CSG VoIP Workshop. Dennis Baron January 5, 2005. Dennis Baron, January 5, 2005 Page 1. np119 SIP Basics CSG VoIP Workshop Dennis Baron January 5, 2005 Page 1 Outline What is SIP SIP system components SIP messages and responses SIP call flows SDP basics/codecs SIP standards Questions and answers

More information

Session Initiation Protocol (SIP) 陳 懷 恩 博 士 助 理 教 授 兼 計 算 機 中 心 資 訊 網 路 組 組 長 國 立 宜 蘭 大 學 資 工 系 Email: wechen@niu.edu.tw TEL: 03-9357400 # 340

Session Initiation Protocol (SIP) 陳 懷 恩 博 士 助 理 教 授 兼 計 算 機 中 心 資 訊 網 路 組 組 長 國 立 宜 蘭 大 學 資 工 系 Email: wechen@niu.edu.tw TEL: 03-9357400 # 340 Session Initiation Protocol (SIP) 陳 懷 恩 博 士 助 理 教 授 兼 計 算 機 中 心 資 訊 網 路 組 組 長 國 立 宜 蘭 大 學 資 工 系 Email: wechen@niu.edu.tw TEL: 03-9357400 # 340 Outline Session Initiation Protocol SIP Extensions SIP Operation

More information

Multimedia & Protocols in the Internet - Introduction to SIP

Multimedia & Protocols in the Internet - Introduction to SIP Information and Communication Networks Multimedia & Protocols in the Internet - Introduction to Siemens AG 2004 Bernard Hammer Siemens AG, München Presentation Outline Basics architecture Syntax Call flows

More information

Voice over IP Security

Voice over IP Security Voice over IP Security Patrick Park Cisco Press Cisco Press 800 East 96th Street Indianapolis, Indiana 46240 USA vii Contents Introduction xvii Part I VoIP Security Fundamentals 3 Chapter 1 Working with

More information

ARCHITECTURES TO SUPPORT PSTN SIP VOIP INTERCONNECTION

ARCHITECTURES TO SUPPORT PSTN SIP VOIP INTERCONNECTION ARCHITECTURES TO SUPPORT PSTN SIP VOIP INTERCONNECTION 10 April 2009 Gömbös Attila, Horváth Géza About SIP-to-PSTN connectivity 2 Providing a voice over IP solution that will scale to PSTN call volumes,

More information

Part II. Prof. Ai-Chun Pang Graduate Institute of Networking and Multimedia, Dept. of Comp. Sci. and Info. Engr., National Taiwan University

Part II. Prof. Ai-Chun Pang Graduate Institute of Networking and Multimedia, Dept. of Comp. Sci. and Info. Engr., National Taiwan University Session Initiation Protocol oco (SIP) Part II Prof. Ai-Chun Pang Graduate Institute of Networking and Multimedia, Dept. of Comp. Sci. and Info. Engr., National Taiwan University Email: acpang@csie.ntu.edu.tw

More information

IP-Telephony SIP & MEGACO

IP-Telephony SIP & MEGACO IP-Telephony SIP & MEGACO Bernard Hammer Siemens AG, Munich Siemens AG 2001 1 Presentation Outline Session Initiation Protocol Introduction Examples Media Gateway Decomposition Protocol 2 IETF Standard

More information

SIP: Session Initiation Protocol. Copyright 2005 2008 by Elliot Eichen. All rights reserved.

SIP: Session Initiation Protocol. Copyright 2005 2008 by Elliot Eichen. All rights reserved. SIP: Session Initiation Protocol Signaling Protocol Review H323: ITU peer:peer protocol. ISDN (Q.931) signaling stuffed into packets. Can be TCP or UDP. H225: Q931 for call control, RAS to resolve endpoints

More information

802.11: Mobility Within Same Subnet

802.11: Mobility Within Same Subnet What is Mobility? Spectrum of mobility, from the perspective: no mobility high mobility mobile wireless user, using same AP mobile user, (dis) connecting from using DHCP mobile user, passing through multiple

More information

3GPP TS 24.605 V8.1.0 (2008-09)

3GPP TS 24.605 V8.1.0 (2008-09) TS 24.605 V8.1.0 (2008-09) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Conference (CONF) using IP Multimedia (IM) Core Network

More information

Application Notes for IDT Net2Phone SIP Trunking Service with Avaya IP Office 8.1 - Issue 1.0

Application Notes for IDT Net2Phone SIP Trunking Service with Avaya IP Office 8.1 - Issue 1.0 Avaya Solution & Interoperability Test Lab Application Notes for IDT Net2Phone SIP Trunking Service with Avaya IP Office 8.1 - Issue 1.0 Abstract These Application Notes describe the procedures for configuring

More information

Anat Bremler-Barr Ronit Halachmi-Bekel Jussi Kangasharju Interdisciplinary center Herzliya Darmstadt University of Technology

Anat Bremler-Barr Ronit Halachmi-Bekel Jussi Kangasharju Interdisciplinary center Herzliya Darmstadt University of Technology Unregister Attack in SIP Anat Bremler-Barr Ronit Halachmi-Bekel Jussi Kangasharju Interdisciplinary center Herzliya Darmstadt University of Technology Unregister Attack We present a new VoIP Denial Of

More information

Recommended IP Telephony Architecture

Recommended IP Telephony Architecture Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings

More information

Voice Over Internet Protocol (VOIP) SECURITY. Rick Kuhn Computer Security Division National Institute of Standards and Technology

Voice Over Internet Protocol (VOIP) SECURITY. Rick Kuhn Computer Security Division National Institute of Standards and Technology Voice Over Internet Protocol (VOIP) SECURITY Rick Kuhn Computer Security Division National Institute of Standards and Technology What is VOIP? Voice Over Internet Protocol Voice Communications over data-style

More information

Voice over IP. VoIP (In) Security. Presented by Darren Bilby NZISF 14 July 2005

Voice over IP. VoIP (In) Security. Presented by Darren Bilby NZISF 14 July 2005 Voice over IP VoIP (In) Security Presented by Darren Bilby NZISF 14 July 2005 Security-Assessment.com Who We Are NZ s only pure-play security firm Largest team of security professionals in NZ Offices in

More information

IP Office Technical Tip

IP Office Technical Tip IP Office Technical Tip Tip no: 200 Release Date: January 23, 2008 Region: GLOBAL IP Office Session Initiation Protocol (SIP) Configuration Primer There are many Internet Telephony Service Providers (ITSP)

More information

Mobicents 2.0 The Open Source Communication Platform. DERUELLE Jean JBoss, by Red Hat 138

Mobicents 2.0 The Open Source Communication Platform. DERUELLE Jean JBoss, by Red Hat 138 Mobicents 2.0 The Open Source Communication Platform DERUELLE Jean JBoss, by Red Hat 138 AGENDA > VoIP Introduction > VoIP Basics > Mobicents 2.0 Overview SIP Servlets Server JAIN SLEE Server Media Server

More information

Finding VoIP vulnerabilities while you sleep

Finding VoIP vulnerabilities while you sleep Finding VoIP vulnerabilities while you sleep Background info on VoIP and previous research Introduction to VoIPER Description of some of its features Some demos and usage examples The results of my testing

More information

Protect Yourself Against VoIP Hacking. Mark D. Collier Chief Technology Officer SecureLogix Corporation

Protect Yourself Against VoIP Hacking. Mark D. Collier Chief Technology Officer SecureLogix Corporation Protect Yourself Against VoIP Hacking Mark D. Collier Chief Technology Officer SecureLogix Corporation What Will Be Covered How to assess the security of your IPT network: In house/external and ground

More information

SIP Security in IP Telephony

SIP Security in IP Telephony SIP Security in IP Telephony Muhammad Yeasir Arafat and M. Abdus Sobhan School of Engineering and Computer Science Independent University, Bangladesh E-mail: sobhan30@gmail.com Abstract Today the session

More information

This specification this document to get an official version of this User Network Interface Specification

This specification this document to get an official version of this User Network Interface Specification This specification describes the situation of the Proximus network and services. It will be subject to modifications for corrections or when the network or the services will be modified. Please take into

More information

Implementing Cisco Unified Communications Security (UCSECv1.0)

Implementing Cisco Unified Communications Security (UCSECv1.0) Implementing Cisco Unified Communications Security (UCSECv1.0) Course Objectives Identify vulnerabilities in Cisco Unified Communications networks and describe security strategies, cryptographic services,

More information

SIP: Protocol Overview

SIP: Protocol Overview SIP: Protocol Overview NOTICE 2001 RADVISION Ltd. All intellectual property rights in this publication are owned by RADVISION Ltd. and are protected by United States copyright laws, other applicable copyright

More information

SIP and VoIP 1 / 44. SIP and VoIP

SIP and VoIP 1 / 44. SIP and VoIP What is SIP? What s a Control Channel? History of Signaling Channels Signaling and VoIP Complexity Basic SIP Architecture Simple SIP Calling Alice Calls Bob Firewalls and NATs SIP URIs Multiple Proxies

More information

TECHNICAL SUPPORT NOTE. 3-Way Call Conferencing with Broadsoft - TA900 Series

TECHNICAL SUPPORT NOTE. 3-Way Call Conferencing with Broadsoft - TA900 Series Page 1 of 6 TECHNICAL SUPPORT NOTE 3-Way Call Conferencing with Broadsoft - TA900 Series Introduction Three way calls are defined as having one active call and having the ability to add a third party into

More information

VoIP Fraud Analysis. Simwood esms Limited https://www.simwood.com/ @simwoodesms Tel: 029 2120 2120

VoIP Fraud Analysis. Simwood esms Limited https://www.simwood.com/ @simwoodesms Tel: 029 2120 2120 VoIP Fraud Analysis Simwood esms Limited https:/// @simwoodesms Tel: 029 2120 2120 Simon Woodhead Managing Director simon.woodhead@simwood.com INTRODUCTION Wholesale Voice (and fax!)! UK Numbering Termination

More information

Voice over IP & Other Multimedia Protocols. SIP: Session Initiation Protocol. IETF service vision. Advanced Networking

Voice over IP & Other Multimedia Protocols. SIP: Session Initiation Protocol. IETF service vision. Advanced Networking Advanced Networking Voice over IP & Other Multimedia Protocols Renato Lo Cigno SIP: Session Initiation Protocol Defined by IETF RFC 2543 (first release march 1999) many other RFCs... see IETF site and

More information

EE4607 Session Initiation Protocol

EE4607 Session Initiation Protocol EE4607 Session Initiation Protocol Michael Barry michael.barry@ul.ie william.kent@ul.ie Outline of Lecture IP Telephony the need for SIP Session Initiation Protocol Addressing SIP Methods/Responses Functional

More information

The VoIP Vulnerability Scanner

The VoIP Vulnerability Scanner SiVuS (SiP Vulnerability Scanner) The VoIP Vulnerability Scanner User Guide v1.07 www.vopsecurity.org Contents 1 INTRODUCTION... 3 2 SIVUS FEATURES AND FUNCTIONALITY... 4 3 INSTALLATION... 5 4 OPERATION...

More information

Multimedia Communication in the Internet. SIP: Advanced Topics. Dorgham Sisalem, Sven Ehlert Mobile Integrated Services FhG FOKUS

Multimedia Communication in the Internet. SIP: Advanced Topics. Dorgham Sisalem, Sven Ehlert Mobile Integrated Services FhG FOKUS Multimedia Communication in the Internet SIP: Advanced Topics Dorgham Sisalem, Sven Ehlert Mobile Integrated Services FhG FOKUS SIP and NAT NAT Concept NAT = Network Address Translation Share one IP address

More information

VoIP Security Methodology and Results. NGS Software Ltd

VoIP Security Methodology and Results. NGS Software Ltd VoIP Security Methodology and Results NGS Software Ltd Barrie Dempster Senior Security Consultant barrie@ngssoftware.com Agenda VoIP Security Issues Assessment Methodology Case Study: Asterisk VoIP Security

More information

CPNI VIEWPOINT 03/2007 HOSTED VOICE OVER IP

CPNI VIEWPOINT 03/2007 HOSTED VOICE OVER IP HOSTED VOICE OVER IP AUGUST 2007 Abstract Voice over IP (VoIP) is the term used for a set of technologies that enable real time voice or video conversations to take place across IP networks. VoIP devices

More information

Hacking Trust Relationships of SIP Gateways

Hacking Trust Relationships of SIP Gateways Hacking Trust Relationships of SIP Gateways Author : Fatih Özavcı Homepage : gamasec.net/fozavci SIP Project Page : github.com/fozavci/gamasec-sipmodules Version : 0.9 Hacking Trust Relationship Between

More information

NTP VoIP Platform: A SIP VoIP Platform and Its Services 1

NTP VoIP Platform: A SIP VoIP Platform and Its Services 1 NTP VoIP Platform: A SIP VoIP Platform and Its Services 1 Whai-En Chen, Chai-Hien Gan and Yi-Bing Lin Department of Computer Science National Chiao Tung University 1001 Ta Hsueh Road, Hsinchu, Taiwan,

More information

CPNI VIEWPOINT 01/2007 INTERNET VOICE OVER IP

CPNI VIEWPOINT 01/2007 INTERNET VOICE OVER IP INTERNET VOICE OVER IP AUGUST 2007 Abstract Voice over IP (VoIP) is the term used for a set of technologies that enable real time voice or video conversations to take place across IP networks. VoIP devices

More information

Adaptation of TURN protocol to SIP protocol

Adaptation of TURN protocol to SIP protocol IJCSI International Journal of Computer Science Issues, Vol. 7, Issue 1, No. 2, January 2010 ISSN (Online): 1694-0784 ISSN (Print): 1694-0814 78 Adaptation of TURN protocol to SIP protocol Mustapha GUEZOURI,

More information

A Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method.

A Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method. A Brief Overview of VoIP Security By John McCarron Voice of Internet Protocol is the next generation telecommunications method. It allows to phone calls to be route over a data network thus saving money

More information

VoIP. What s Voice over IP?

VoIP. What s Voice over IP? VoIP What s Voice over IP? Transmission of voice using IP Analog speech digitized and transmitted as IP packets Packets transmitted on top of existing networks Voice connection is now packet switched as

More information

Request for Comments: 4579. August 2006

Request for Comments: 4579. August 2006 Network Working Group Request for Comments: 4579 BCP: 119 Category: Best Current Practice A. Johnston Avaya O. Levin Microsoft Corporation August 2006 Status of This Memo Session Initiation Protocol (SIP)

More information

Man-in-the-Middle Attack on T-Mobile Wi-Fi Calling

Man-in-the-Middle Attack on T-Mobile Wi-Fi Calling Man-in-the-Middle Attack on T-Mobile Wi-Fi Calling Jethro Beekman Christopher Thompson Electrical Engineering and Computer Sciences University of California at Berkeley Technical Report No. UCB/EECS-2013-18

More information

Securing SIP Trunks APPLICATION NOTE. www.sipera.com

Securing SIP Trunks APPLICATION NOTE. www.sipera.com APPLICATION NOTE Securing SIP Trunks SIP Trunks are offered by Internet Telephony Service Providers (ITSPs) to connect an enterprise s IP PBX to the traditional Public Switched Telephone Network (PSTN)

More information

TOPIC understanding VoIP vulnerabilities

TOPIC understanding VoIP vulnerabilities How Fragile is your VoIP Implementation? For a long time, telecommunications networks and telephony services have been a part of the critical information infrastructure. They have always had high requirements

More information

Securing VoIP Networks using graded Protection Levels

Securing VoIP Networks using graded Protection Levels Securing VoIP Networks using graded Protection Levels Andreas C. Schmidt Bundesamt für Sicherheit in der Informationstechnik, Godesberger Allee 185-189, D-53175 Bonn Andreas.Schmidt@bsi.bund.de Abstract

More information

Secured Communications using Linphone & Flexisip

Secured Communications using Linphone & Flexisip Secured Communications using Linphone & Flexisip Solution description Office: Le Trident Bat D 34, avenue de l Europe 38100 Grenoble France Tel. : +33 (0)9 52 63 65 05 Headquarters: 12, allée des Genêts

More information

VOICE OVER IP SECURITY

VOICE OVER IP SECURITY VOICE OVER IP SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without

More information

Knut Omang Ifi/Oracle 16 Nov, 2015

Knut Omang Ifi/Oracle 16 Nov, 2015 RT protocols and Firewall/NAT - SIP FW/NAT support in the Linux kernel Knut Omang Ifi/Oracle 16 Nov, 2015 32 Overview Quick overview of some protocols in use for real-time multimedia SIP/SDP Other protocols

More information

A Call Conference Room Interception Attack and its Detection

A Call Conference Room Interception Attack and its Detection A Call Conference Room Interception Attack and its Detection Nikos Vrakas 1, Dimitris Geneiatakis 2 and Costas Lambrinoudakis 1 1 Department of Digital Systems, University of Piraeus 150 Androutsou St,

More information

ETSI TS 124 238 V8.2.0 (2010-01) Technical Specification

ETSI TS 124 238 V8.2.0 (2010-01) Technical Specification TS 124 238 V8.2.0 (2010-01) Technical Specification Universal Mobile Telecommunications System (UMTS); LTE; Session Initiation Protocol (SIP) based user configuration; Stage 3 (3GPP TS 24.238 version 8.2.0

More information

Connecting MPLS Voice VPNs Enabling the Secure Interconnection of Inter-Enterprise VoIP

Connecting MPLS Voice VPNs Enabling the Secure Interconnection of Inter-Enterprise VoIP Connecting MPLS Voice VPNs Enabling the Secure Interconnection of Inter-Enterprise VoIP Connecting MPLS Voice VPNs Enabling the secure interconnection of Inter-Enterprise VoIP Executive Summary: MPLS Virtual

More information

Need for Signaling and Call Control

Need for Signaling and Call Control Need for Signaling and Call Control VoIP Signaling In a traditional voice network, call establishment, progress, and termination are managed by interpreting and propagating signals. Transporting voice

More information

Multimedia Communication in the Internet. SIP Security Threads. Dorgham Sisalem, Sven Ehlert Mobile Integrated Services FhG FOKUS 1

Multimedia Communication in the Internet. SIP Security Threads. Dorgham Sisalem, Sven Ehlert Mobile Integrated Services FhG FOKUS 1 Multimedia Communication in the Internet SIP Security Threads Dorgham Sisalem, Sven Ehlert Mobile Integrated Services FhG FOKUS 1 Denial of Service Prevent service availability Software vulnerabilities

More information

Session Initiation Protocol (SIP)

Session Initiation Protocol (SIP) SIP: Session Initiation Protocol Corso di Applicazioni Telematiche A.A. 2006-07 Lezione n.7 Ing. Salvatore D Antonio Università degli Studi di Napoli Federico II Facoltà di Ingegneria Session Initiation

More information

OSSIR, November 2010 emil.ivov@sip-communicator.org 1/45

OSSIR, November 2010 emil.ivov@sip-communicator.org 1/45 OSSIR, November 2010 emil.ivov@sip-communicator.org 1/45 Real-time Communication Applications OSSIR, November 2010 emil.ivov@sip-communicator.org 2/45 Protocols sip & xmpp OSSIR, November 2010 emil.ivov@sip-communicator.org

More information

SIP ALG - Session Initiated Protocol Applications- Level Gateway

SIP ALG - Session Initiated Protocol Applications- Level Gateway SIP ALG is a parameter that is generally enabled on most commercial router because it helps to resolve NAT related problems. However, this parameter can be very harmful and can actually stop SIP Trunks

More information

COPYRIGHTED MATERIAL. Contents. Foreword. Acknowledgments

COPYRIGHTED MATERIAL. Contents. Foreword. Acknowledgments Contents Foreword Preface Acknowledgments 1 Introduction 1 1.1 Motivation for Network Convergence 1 1.2 The Core Network 2 1.3 Legacy Service Requirements 4 1.4 New Service Requirements 5 1.5 Architectures

More information

hackers 2 hackers conference III voip (in)security luiz eduardo cissp, ceh, cwne, gcih

hackers 2 hackers conference III voip (in)security luiz eduardo cissp, ceh, cwne, gcih luiz eduardo cissp, ceh, cwne, gcih who am I? networking guy security guy employed by Aruba Networks wlan network for defcon, blackhat & ccc regular speaker at cons founder, dc55.org and... agenda intro

More information

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better,

More information

Firewall Support for SIP

Firewall Support for SIP Firewall Support for SIP The Firewall Support for SIP feature integrates Cisco IOS firewalls, Voice over IP (VoIP) protocol, and Session Initiation Protocol (SIP) within a Cisco IOS-based platform, enabling

More information

SIP Trunking & Peering Operation Guide

SIP Trunking & Peering Operation Guide SIP Trunking & Peering Operation Guide For Samsung OfficeServ May 07, 2008 doc v2.1.0 Sungwoo Lee Senior Engineer sungwoo1769.lee@samsung.com OfficeServ Network Lab. Telecommunication Systems Division

More information

Basic Vulnerability Issues for SIP Security

Basic Vulnerability Issues for SIP Security Introduction Basic Vulnerability Issues for SIP Security By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com The Session Initiation Protocol (SIP) is the future

More information

Using IP Networks for voice and video: benefits and challenges

Using IP Networks for voice and video: benefits and challenges Using IP Networks for voice and video: benefits and challenges Peter Cox CEO UM Labs Ltd October 2010 About UM Labs UK Based company Founded 2008 by Peter Cox and other cofounders of Borderware Technologies

More information

Free and Open Source Software in relation to Asterisk*

Free and Open Source Software in relation to Asterisk* Free and Open Source Software in relation to Asterisk* Lars Strand lars.strand@redpill-linpro.com Ibidium's Asterisk course Oslo, NR, 8.-11. September 2009 What is this? What is free software? What is

More information

Contents Introduction Why Fax over IP? How Real-time Fax over IP works Implementation with MessagePlus/Open Summary. About this document

Contents Introduction Why Fax over IP? How Real-time Fax over IP works Implementation with MessagePlus/Open Summary. About this document Fax over IP Contents Introduction Why Fax over IP? How Real-time Fax over IP works Implementation with MessagePlus/Open Summary About this document This document describes how Fax over IP works in general

More information

Application Notes for Avaya IP Office 7.0 Integration with Skype Connect R2.0 Issue 1.0

Application Notes for Avaya IP Office 7.0 Integration with Skype Connect R2.0 Issue 1.0 Avaya Solution & Interoperability Test Lab Application Notes for Avaya IP Office 7.0 Integration with Skype Connect R2.0 Issue 1.0 Abstract These Application Notes describe the steps to configure an Avaya

More information

Application Notes for Configuring SIP Trunking between Metaswitch MetaSphere CFS and Avaya IP Office Issue 1.0

Application Notes for Configuring SIP Trunking between Metaswitch MetaSphere CFS and Avaya IP Office Issue 1.0 Avaya Solution & Interoperability Test Lab Application Notes for Configuring SIP Trunking between Metaswitch MetaSphere CFS and Avaya IP Office Issue 1.0 Abstract These Application Notes describe the steps

More information

Voice over IP Fundamentals

Voice over IP Fundamentals Voice over IP Fundamentals Duration: 5 Days Course Code: GK3277 Overview: The aim of this course is for delegates to gain essential data networking and Voice over IP (VoIP) knowledge in a single, week-long

More information

CE 817 - Advanced Network Security VoIP Security

CE 817 - Advanced Network Security VoIP Security CE 817 - Advanced Network Security VoIP Security Lecture 25 Mehdi Kharrazi Department of Computer Engineering Sharif University of Technology Acknowledgments: Some of the slides are fully or partially

More information

Threats to be considered (1) ERSTE GROUP

Threats to be considered (1) ERSTE GROUP VoIP-Implementation Lessons Learned Philipp Schaumann Erste Group Bank AG Group IT-Security philipp.schaumann@erstegroup.com http://sicherheitskultur.at/ Seite 1 Threats to be considered (1) Eavesdropping

More information

Session Border Controller and IP Multimedia Standards. Mika Lehtinen mika.lehtinen@teliasonera.com

Session Border Controller and IP Multimedia Standards. Mika Lehtinen mika.lehtinen@teliasonera.com Session Border Controller and IP Multimedia Standards Mika Lehtinen mika.lehtinen@teliasonera.com December 1, 2005 Contents Introduction Motivation Research problem Research method Results Conclusion December

More information

Avaya IP Office 4.0 Customer Configuration Guide SIP Trunking Configuration For Use with Cbeyond s BeyondVoice with SIPconnect Service

Avaya IP Office 4.0 Customer Configuration Guide SIP Trunking Configuration For Use with Cbeyond s BeyondVoice with SIPconnect Service Avaya IP Office 4.0 Customer Configuration Guide SIP Trunking Configuration For Use with Cbeyond s BeyondVoice with SIPconnect Service Issue 2.2 06/25/2007 Page 1 of 41 Table of contents 1 Introduction...8

More information

Communication Systems SIP

Communication Systems SIP Communication Systems SIP Computer Science Organization I. Data and voice communication in IP networks II. Security issues in networking III. Digital telephony networks and voice over IP 2 Part 3 Digital,

More information

Multimedia Communication in the Internet. SIP Security Threats. Sven Ehlert Next Generation Network Infrastructure Fraunhofer FOKUS 1

Multimedia Communication in the Internet. SIP Security Threats. Sven Ehlert Next Generation Network Infrastructure Fraunhofer FOKUS 1 Multimedia Communication in the Internet SIP Security Threats Sven Ehlert Next Generation Network Infrastructure Fraunhofer FOKUS 1 Outline SIP Security Mechanisms Denial of Service VoIP SPAM 2 SIP Call

More information

Voice Over IP (VoIP) Denial of Service (DoS)

Voice Over IP (VoIP) Denial of Service (DoS) Introduction Voice Over IP (VoIP) Denial of Service (DoS) By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com Denial of Service (DoS) is an issue for any IP network-based

More information

TSIN02 - Internetworking

TSIN02 - Internetworking TSIN02 - Internetworking Lecture 9: SIP and H323 Literature: Understand the basics of SIP and it's architecture Understand H.323 and how it compares to SIP Understand MGCP (MEGACO/H.248) SIP: Protocol

More information

Voice over IP Security

Voice over IP Security ii Voice over IP Security Patrick Park Copyright 2009 Cisco Systems, Inc. Published by: Cisco Press 800 East 96th Street Indianapolis, IN 46240 USA All rights reserved. No part of this book may be reproduced

More information

Cisco Advanced Services for Network Security

Cisco Advanced Services for Network Security Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs

More information

Multi-layered Security Solutions for VoIP Protection

Multi-layered Security Solutions for VoIP Protection Multi-layered Security Solutions for VoIP Protection Copyright 2005 internet Security Systems, Inc. All rights reserved worldwide Multi-layered Security Solutions for VoIP Protection An ISS Whitepaper

More information

VoIP Security. Piero Fontanini

VoIP Security. Piero Fontanini Piero Fontanini Master s Thesis Master of Science in Information Security 30 ECTS Department of Computer Science and Media Technology Gjøvik University College, 2008 Avdeling for informatikk og medieteknikk

More information

End-2-End QoS Provisioning in UMTS networks

End-2-End QoS Provisioning in UMTS networks End-2-End QoS Provisioning in UMTS networks Haibo Wang Devendra Prasad October 28, 2004 Contents 1 QoS Support from end-to-end viewpoint 3 1.1 UMTS IP Multimedia Subsystem (IMS)................... 3 1.1.1

More information

Potential Targets - Field Devices

Potential Targets - Field Devices Potential Targets - Field Devices Motorola Field Devices: Remote Terminal Units ACE 3600 Front End Devices ACE IP Gateway ACE Field Interface Unit (ACE FIU) 2 Credential Cracking Repeated attempts to

More information

FDIC Division of Supervision and Consumer Protection

FDIC Division of Supervision and Consumer Protection FDIC Division of Supervision and Consumer Protection Voice over Internet Protocol (VoIP) Informational Supplement June 2005 1 Summary In an attempt to control expenses, consumers and businesses are considering

More information

AGILE SIP TRUNK IP-PBX Connection Manual (Asterisk)

AGILE SIP TRUNK IP-PBX Connection Manual (Asterisk) AGILE SIP TRUNK IP-PBX Connection Manual (Asterisk) 1. Login to CID (Customer ID) Login https://manager.agile.ne.jp/login.php USERNAME Password 2. Go to SIP List of SIP TRUNK SIP SIP List Buy SIP Trunk

More information

Expert Reference Series of White Papers. SIP and the Art of Converged Communications

Expert Reference Series of White Papers. SIP and the Art of Converged Communications Expert Reference Series of White Papers SIP and the Art of Converged Communications 1-800-COURSES www.globalknowledge.com SIP and the Art of Converged Communications Cheryl Nygaard, APSS, ACIS, ACSS; Global

More information