Voice over IP: Unsafe at any Bandwidth?
|
|
- Aubrey Shepherd
- 7 years ago
- Views:
Transcription
1 Universität Hamburg Voice over IP: Unsafe at any Bandwidth? Joachim Posegga Fachbereich Informatik SVS Sicherheit in Verteilten Systemen VoIP Security: Agenda 1. PSTN & VoIP 2. SIP: Session Initiation Protocol 3. Threats 4. SIP Security Mechanisms in Real Life 6. Conclusion Focus: PSTN-oriented View, Consumer Market UH, FB Inf, SVS, 24-Mai-04 (JP) 2 1
2 Public Telephone Networks A Public Telephone Network (PSTN) is a safety-critical, concurrent, real-time, non-stop, fault-tolerant, heterogeneous, distributed system, largely based on software. How come that it works? UH, FB Inf, SVS, 24-Mai-04 (JP) 3 Circuit-Switched Telephony Traditional PSTN Approach SS7 Signaling Network Class 4 Switch SCP Most service logic in local switches, rest in SCPs Class 5 Switch Typically analog loop, conversion to digital at local switch Circuit-based Trunks 64 kb/s digital voice Media stream Class 5 Switch Signaling Payload and Signaling use Separate Networks UH, FB Inf, SVS, 24-Mai-04 (JP) 4 2
3 Voice over IP: Rationale Pro Convergence of voice, data and video infrastructure: reduced long-term network ownership costs New voice-enabled applications (e.g. in call centers) Easy to integrate into IP-based systems Decoupling of Infrastructure & Sevices eases deployment of new services (by new players) Cf. VoIP over UMTS Lower recurring transmission charges Contra Voice Quality (wrt to bandwidth) Reliability / Availability Security UH, FB Inf, SVS, 24-Mai-04 (JP) 5 Protocols for VoIP Signaling Establish, Locate, Setup, Modify and End Sessions SIP (Session Initiation Protocol) H.323 (Packet-based Multimedia Communications Systems) Various protocols to interface with POTS/ISDN Media Transport Transmit Voice Samples RTP (Real-Time Transport Protocol) RTCP (RTP Control Protocol) SCTP (Stream Control Transmission Protocol) Support DNS, Location Servers, QoS, Routing Protocols, AAA TRIP (Telephony Routing over IP) Quality of Service RSVP(Resource Reservation Setup Protocol) UH, FB Inf, SVS, 24-Mai-04 (JP) 6 3
4 What is SIP? The Session Initiation Protocol (SIP) is an application-layer control (signaling) protocol for creating, modifying and terminating sessions with one or more participants. These sessions include Internet multimedia conferences, Internet telephone calls and multimedia distribution. UH, FB Inf, SVS, 24-Mai-04 (JP) 7 What is the SIP? SIP components: User location: Where is the end system? User availability: Is the called party willing to engage in communications? User capabilities: What media and media parameters can be used? Session setup: ringing and establishing of session parameters at both parties. Session management: transfer and termination of sessions, modifying session parameters, invoking services. UH, FB Inf, SVS, 24-Mai-04 (JP) 8 4
5 Protocol Components User Agent Handle SIP requests (terminal side) Redirect Server Redirect callers (requests) to another Server Relay Call Signaling ( Proxy requests to another server ) Fork requests to multiple targets Maintain a basic Call-State (or not) Registrar Receive registrations requests regarding user locations Store the information at a Location Server UH, FB Inf, SVS, 24-Mai-04 (JP) 9 SIP Operation Example: Alice calls Bob over the Internet. Their SIP proxies act on behalf of them to facilitate session establishment Phases: location of an end point signal of a desire to communicate negotiation of session parameters teardown of the session Alice s PC INVITE F1 100 Trying F3 180 Ringing F8 200 OK F11 SIP proxy atlanta.com INVITE F2 100 Trying F5 180 Ringing F7 200 OK F10 ACK F12 RTP Media Stream SIP proxy biloxy.com INVITE F4 180 Ringing F6 200 OK F9 Bob s SIP Phone BYE F OK F14 UH, FB Inf, SVS, 24-Mai-04 (JP) 10 5
6 Example of Operation Transaction begins with Alice s phone sending an INVITE request addressed to Bob s SIP URI. INVITE is a SIP method that specifies an action that the requestor (Alice) wants the server (Bob) to take. The INVITE request contains a number of header fields (named attributes): a unique identifier for the call the destination address Alice s address information about the type of session that Alice wishes to establish with Bob UH, FB Inf, SVS, 24-Mai-04 (JP) 11 Overview of Operation INVITE Method name INVITE sip:bob@biloxi.com SIP/2.0 The address which Alice is expecting to receive responses + return path Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hg4bk776asdhds Max-Forwards: 70 To: Bob <sip:bob@biloxi.com> A SIP URI towards which the request was originally directed From: Alice <sip:alice@atlanta.com>;tag= Globally unique identifier Call-ID: a84b4c76e66710@pc33.atlanta.com for this call Sequence number + CSeq: INVITE method name URI that represents a direct route back Contact: <sip:alice@pc33.atlanta.com> Content-Type: application/sdp Content-Length: 142 Content description Details of the session, type of media, codec, sampling rate, etc. are not described in SIP but in the SDP UH, FB Inf, SVS, 24-Mai-04 (JP) 12 6
7 Overview of Operation F1: Alice s Terminal does not know the location of Bob or his SIP server, and sends the INVITE to the SIP server that serves her domain F3: the proxy sends 100 (Trying) back: This indicates that the INVITE has been received, and that the proxy is working on routing the INVITE to the destination. Alice s PC INVITE F1 100 Trying F3 180 Ringing F8 200 OK F11 atlanta.com INVITE F2 100 Trying F5 180 Ringing F7 200 OK F10 ACK F12 RTP Media Stream BYE F OK F14 biloxy.com INVITE F4 180 Ringing F6 200 OK F9 Bob s SIP Phone F2: The atlanta.com proxy locates the proxy biloxi.com, possibly by DNS, adds a Via header and forwards the INVITE request. F4: The proxy queries a location service for the IP address of Bob. It adds another Via header with its own address to the INVITE and proxies it to Bob s SIP phone. UH, FB Inf, SVS, 24-Mai-04 (JP) 13 Overview of Operation F5: The biloxi.com proxy server receives the INVITE and responds with 100 (Trying) back to the atlanta.com proxy server Alice s PC atlanta.com biloxy.com F6: Bob s SIP phone received the INVITE and the phone rings. The phone indicates this in a 180 (Ringing) INVITE F1 Bob s SIP Phone response, which is INVITE F2 routed back in the 100 Trying F3 INVITE F4 reverse direction. 100 Trying F5 180 Ringing F6 180 Ringing F7 180 Ringing F8 The Via header fields determine where to 200 OK F9 send responses; no 200 OK F OK F10 lookups or state in the proxies is ACK F12 needed. RTP Media Stream BYE F OK F14 UH, FB Inf, SVS, 24-Mai-04 (JP) 14 7
8 Overview of Operation F9: Bob decides to answer the call; 200 (OK) indicates that the call has been answered. Alice s PC 200 (OK) contains a message body with the media description (SDP) of the type of session that Bob is willing to establish. INVITE F1 100 Trying F3 180 Ringing F8 200 OK F11 atlanta.com INVITE F2 100 Trying F5 180 Ringing F7 200 OK F10 ACK F12 RTP Media Stream biloxy.com 200 OK F9 If Bob did not answer the call or was busy on another call, an error response would have been sent instead of the 200 (OK). Bob s SIP Phone A proxy server can also forward an INVITE F4 INVITE to a number 180 Ringing F6 of locations ( forking ). BYE F OK F14 UH, FB Inf, SVS, 24-Mai-04 (JP) 15 SIP Response SIP/ OK The first line of the response contains the response code (200) and the reason phrase (OK) Added by biloxy.com SIP Proxy Via: SIP/2.0/UDP server10.biloxi.com;branch=z9hg4bknashds8 ;received= Via: SIP/2.0/UDP bigbox3.site3.atlanta.com;branch=z9hg4bk77ef4c ;received= Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hg4bk776asdhds ;received= To: Bob <sip:bob@biloxi.com>;tag=a6c85cf 465 From: Alice <sip:alice@atlanta.com>;tag= Call-ID: a84b4c76e66710 CSeq: INVITE Contact: <sip:bob@ > Content-Type: application/sdp Content-Length: (Bob s SDP not shown) Added by atlanta.com SIP Proxy Added by Alice s softphone Contains a URI at which Bob can be directly reached at his SIP phone. UH, FB Inf, SVS, 24-Mai-04 (JP) 16 8
9 Overview of Operation atlanta.com biloxy.com F12: Finally, Alice s softphone sends an acknowledgement message to Bob s SIP phone Alice s PC INVITE F1 100 Trying F3 180 Ringing F8 200 OK F11 INVITE F2 100 Trying F5 180 Ringing F7 200 OK F10 ACK F12 RTP Media Stream INVITE F4 180 Ringing F6 200 OK F9 Bob s SIP Phone ACK is sent directly from Alice s softphone to Bob s SIP phone, bypassing the two proxies. The endpoints have learned each other s address from the Contact header fields through the INVITE/200 (OK) exchange. BYE F OK F14 End of INVITE/200/ACK three-way handshake UH, FB Inf, SVS, 24-Mai-04 (JP) 17 Overview of Operation Alice and Bob s media session has started. In general, the end-to-end media packets take a route different from the SIP signaling messages During the session, either Alice or Bob may decide to change the characteristics of the media session by sending a re-invite containing a new media description. The other party sends a 200 (OK) to accept the change. The requestor responds to the 200 (OK) with an ACK. If the other party does not accept the change, he sends an error response such as 406 (Not Acceptable), which also receives an ACK. UH, FB Inf, SVS, 24-Mai-04 (JP) 18 9
10 Overview of Operation F13/F14: At the end of the call, Bob disconnects (hangs up) and generates a BYE message (bypassing the proxies). atlanta.com biloxy.com Alice confirms receipt of the BYE with a 200 (OK) response, which terminates the session and the BYE transaction. Alice s PC INVITE F1 100 Trying F3 180 Ringing F8 200 OK F11 INVITE F2 100 Trying F5 180 Ringing F7 200 OK F10 Bob s SIP Phone INVITE F4 180 Ringing F6 200 OK F9 ACK F12 RTP Media Stream BYE F OK F14 UH, FB Inf, SVS, 24-Mai-04 (JP) 19 Overview of Operation Registration At periodic intervals, Bob s SIP phone REGISTERs on to a server in the biloxi.com domain: the SIP Registrar. SIP Location Server 2. Write in DB SIP Registration Server The REGISTER messages associate Bob s SIP URI (sip:bob@biloxi.com) with the machine he is logged on. The registrar stores this binding in a database, called the location service. 3. Query for Bob s Location 4. Zero (0) or more URIs 1. REGISTER Bob is not limited to registering from a single device. Similarly, more than one user can be registered on a single device. biloxy.com Bob s SIP Phone UH, FB Inf, SVS, 24-Mai-04 (JP) 20 10
11 Overview of Operation Registration F1 REGISTER Bob -> Registrar REGISTER sip:registrar.biloxi.com SIP/2.0 Via: SIP/2.0/UDP bobspc.biloxi.com:5060; branch=z9hg4bknashds7 Max-Forwards: 70 To: Bob From: Bob Call-ID: CSeq: 1826 REGISTER Contact: Expires: 7200 Content-Length: 0 SIP Registration Server REGISTER F1 200 OK F2 Bob s SIP Phone UH, FB Inf, SVS, 24-Mai-04 (JP) 21 Overview of Operation CANCEL The CANCEL is used to cancel a previous request sent by a client (INVITE). A client that receives a CANCEL request for an INVITE, but has not yet sent a final response, would stop ringing, and then respond to the INVITE with a specific error response (487). Alice s PC INVITE F1 100 Trying F2 180 Ringing F3 Bob s SIP Phone CANCEL F4 487 (Request Terminated) F5 UH, FB Inf, SVS, 24-Mai-04 (JP) 23 11
12 VoIP Security: Agenda 1. PSTN & VoIP 2. SIP: Session Initiation Protocol 3. Threats 4. SIP Security Mechanisms in Real Life 6. Conclusion UH, FB Inf, SVS, 24-Mai-04 (JP) 24 General Threats to VoIP Components Protocols Impersonation, chosen protocol attacks, connection hijacking,... Implementation Buffer overflows, race conditions, power and timing analysis,... Viruses/worms (e.g. to capture credentials) Infrastructure Sniffing, injecting, or altering network traffic Every TCP/IP DoS SYN floods Ping floods All other attacks that work against TCP/IP hosts UH, FB Inf, SVS, 24-Mai-04 (JP) 25 12
13 SIP Protocol Threats Denial-of-Service CANCEL BYE Using response codes Call Hijacking Through the Registrar Through the usage of 3xy response messages Mid-Session tricks MITM Attacks Through 301 & 302 Response codes (moved permanently/temporarily) Through 305 (Use Proxy) response code UH, FB Inf, SVS, 24-Mai-04 (JP) 26 Denial of Service Using Response Codes A malicious party can use response codes to introduce a denial of service conditions: 4xx responses are definite failure responses: The client SHOULD NOT retry the same request without modification [..]. 5xx responses are failure responses given when a server itself has erred. 6xx responses indicate that a server has definitive information about a particular user, not just the particular instance indicated in the Request-URI. UH, FB Inf, SVS, 24-Mai-04 (JP) 27 13
14 Call Hijack Re-INVITE this modification can involve changing addresses or ports, adding a media stream, deleting media stream, by sending a new INVITE request within the same dialog that established the session Re-INVITE can introduce other participants to the session: Eavesdropping made easy UH, FB Inf, SVS, 24-Mai-04 (JP) 28 More Threats Covert Channels Unknown Header fields Enumerating OPTIONS Call Leg does not exists Wiretapping Who s in my path? SIP Proxies are allowed to send messages through a set of additional proxies Call Tracking Malicious Clients (more later) UH, FB Inf, SVS, 24-Mai-04 (JP) 29 14
15 VoIP Security: Agenda 1. PSTN & VoIP 2. SIP: Session Initiation Protocol 3. Threats to SIP 4. SIP Security Mechanisms 5. Real Life 6. Conclusion UH, FB Inf, SVS, 24-Mai-04 (JP) 30 SIP Security Mechanisms Authentication of Signaling Data using HTTP Digest Authentication Basic Authentication discouraged, but possible S/MIME Usage within SIP TLS usage within SIP RFC 3261 mandates the use of TLS for proxies, redirect servers, and registrars to protect SIP signaling. Using TLS for UAs is recommended. IPsec usage within SIP IPsec may be used for SIP signaling at the network layer. (Most suited to securing SIP hosts in a SIP VPN scenario or between administrative SIP domains. Confidentiality of Media Data SIP itself does not consider the encryption of media data. RTP may provide confidentiality. UH, FB Inf, SVS, 24-Mai-04 (JP) 31 15
16 Authentication: The Core of VoIP Security Underlying Assumption There is a (universally accessible) trust infrastructure for Authentication (PKI?) Practical Considerations: What is the trust model? Who is going to provide (an interoperable) PKIs? What is the basis for granting certificates? Terminals: Who is the Principal? User? Platform? Process? Network Interface?... How to protect credentials? How will users deal with credentials? Anyone can issue a certificate... -> Doable (though hard) for enterprises, but also consumer-proof? UH, FB Inf, SVS, 24-Mai-04 (JP) 32 Client & Server Security VoIP/SIP components use ordinary computers (PCs) as platforms VoIP systems are (at best) as secure as the underlying platforms Example: Many VoIP devices run Web servers for remote management, which may be vulnerable to attacks ranging from information disclosure to buffer overflows. UH, FB Inf, SVS, 24-Mai-04 (JP) 33 16
17 UH, FB Inf, SVS, 24-Mai-04 (JP) 34 VoIP Terminals Ofir Arkin: The Trivial Cisco IP Phones Compromise Abstract The paper lists several severe vulnerabilities with Cisco systems SIP-based IP Phone 7960 and its supporting environment. These vulnerabilities lead to complete control of a user s credentials,..., and the ability to subvert the entire IP Telephony environment. Sept UH, FB Inf, SVS, 24-Mai-04 (JP) 35 17
18 Spam VoIP Spam (by machines) Much more obtrusive then Spam Your phone rings (in the middle of the night) Blacklisting does not work (cf. ) Whitelisting does not work I want new people to call me Certificates don t work Grant them based on what? Possible Solution Implement a Turing Test to detect machines? UH, FB Inf, SVS, 24-Mai-04 (JP) 36 Lawful Interception Lawful interception (LI) is the legally sanctioned official access to private communications, such as telephone calls or messages. The VoIP provider and the access provider are generally different entities Signaling and payload can take different (unpredictable) routes Signaling and payload traffic are linked together only in terminals Payload encryption is controlled exclusively terminals Can LI be technically deployed without a footprint in terminals? You had to intercept all SIP traffic, and, after call setup, intercept in real time the network traffic of a provider not necessarily known before UH, FB Inf, SVS, 24-Mai-04 (JP) 37 18
19 For the Long-term Memory VoIP is much harder to secure than PSTN: Distributed System, no central management Built-in mobility (cf. GSM) No separate signaling channel Attacks scale easily (e.g. DoS) VOIP inherits all properties of TCP/IP including security weaknesses All problems of complex, IP-based terminals (platform weaknesses, security awareness of users, ) Convergence of two global and structurally different networks introduces new security weaknesses VoIP needs a universal trust infrastructure (based on smart cards?) or very different business models! All hope abandon, ye who enter here! -- Inferno. Canto III, Dante Alighieri UH, FB Inf, SVS, 24-Mai-04 (JP) 38 VoIP: Back to the Roots? Initial Deployment of the Telephone Network Overhead Wires at Broadway and John Street, New York, 1890 UH, FB Inf, SVS, 24-Mai-04 (JP) 39 19
How to make free phone calls and influence people by the grugq
VoIPhreaking How to make free phone calls and influence people by the grugq Agenda Introduction VoIP Overview Security Conclusion Voice over IP (VoIP) Good News Other News Cheap phone calls Explosive growth
More information3.1 SESSION INITIATION PROTOCOL (SIP) OVERVIEW
3.1 SESSION INITIATION PROTOCOL (SIP) OVERVIEW SIP is an application layer protocol that is used for establishing, modifying and terminating multimedia sessions in an Internet Protocol (IP) network. SIP
More informationAn outline of the security threats that face SIP based VoIP and other real-time applications
A Taxonomy of VoIP Security Threats An outline of the security threats that face SIP based VoIP and other real-time applications Peter Cox CTO Borderware Technologies Inc VoIP Security Threats VoIP Applications
More informationTSIN02 - Internetworking
TSIN02 - Internetworking Lecture 9: SIP and H323 Literature: Understand the basics of SIP and it's architecture Understand H.323 and how it compares to SIP Understand MGCP (MEGACO/H.248) SIP: Protocol
More informationSession Initiation Protocol (SIP)
SIP: Session Initiation Protocol Corso di Applicazioni Telematiche A.A. 2006-07 Lezione n.7 Ing. Salvatore D Antonio Università degli Studi di Napoli Federico II Facoltà di Ingegneria Session Initiation
More informationNTP VoIP Platform: A SIP VoIP Platform and Its Services
NTP VoIP Platform: A SIP VoIP Platform and Its Services Speaker: Dr. Chai-Hien Gan National Chiao Tung University, Taiwan Email: chgan@csie.nctu.edu.tw Date: 2006/05/02 1 Outline Introduction NTP VoIP
More informationSIP: Protocol Overview
SIP: Protocol Overview NOTICE 2001 RADVISION Ltd. All intellectual property rights in this publication are owned by RADVISION Ltd. and are protected by United States copyright laws, other applicable copyright
More informationRequest for Comments: 4579. August 2006
Network Working Group Request for Comments: 4579 BCP: 119 Category: Best Current Practice A. Johnston Avaya O. Levin Microsoft Corporation August 2006 Status of This Memo Session Initiation Protocol (SIP)
More informationSession Initiation Protocol (SIP)
Il protocollo SIP Session Initiation Protocol (SIP) SIP is the IETF s standard for establishing VoIP connections It is an application layer control protocol for creating, modifying and terminating sessions
More informationSession Initiation Protocol (SIP) 陳 懷 恩 博 士 助 理 教 授 兼 計 算 機 中 心 資 訊 網 路 組 組 長 國 立 宜 蘭 大 學 資 工 系 Email: wechen@niu.edu.tw TEL: 03-9357400 # 340
Session Initiation Protocol (SIP) 陳 懷 恩 博 士 助 理 教 授 兼 計 算 機 中 心 資 訊 網 路 組 組 長 國 立 宜 蘭 大 學 資 工 系 Email: wechen@niu.edu.tw TEL: 03-9357400 # 340 Outline Session Initiation Protocol SIP Extensions SIP Operation
More informationSession Initiation Protocol (SIP) The Emerging System in IP Telephony
Session Initiation Protocol (SIP) The Emerging System in IP Telephony Introduction Session Initiation Protocol (SIP) is an application layer control protocol that can establish, modify and terminate multimedia
More informationBasic Vulnerability Issues for SIP Security
Introduction Basic Vulnerability Issues for SIP Security By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com The Session Initiation Protocol (SIP) is the future
More informationFor internal circulation of BSNL only
E1-E2 E2 CFA Session Initiation Protocol AGENDA Introduction to SIP Functions of SIP Components of SIP SIP Protocol Operation Basic SIP Operation Introduction to SIP SIP (Session Initiation Protocol) is
More informationTECHNICAL CHALLENGES OF VoIP BYPASS
TECHNICAL CHALLENGES OF VoIP BYPASS Presented by Monica Cultrera VP Software Development Bitek International Inc 23 rd TELELCOMMUNICATION CONFERENCE Agenda 1. Defining VoIP What is VoIP? How to establish
More informationEE4607 Session Initiation Protocol
EE4607 Session Initiation Protocol Michael Barry michael.barry@ul.ie william.kent@ul.ie Outline of Lecture IP Telephony the need for SIP Session Initiation Protocol Addressing SIP Methods/Responses Functional
More informationInternet Voice, Video and Telepresence Harvard University, CSCI E-139. Lecture #5
Internet Voice, Video and Telepresence Harvard University, CSCI E-139 Lecture #5 Instructor: Len Evenchik len_evenchik@harvard.edu sip:len.evenchik@harvard.edu AT&T Dimension PBX, 1980 Lecture Agenda Welcome
More informationNAT TCP SIP ALG Support
The feature allows embedded messages of the Session Initiation Protocol (SIP) passing through a device that is configured with Network Address Translation (NAT) to be translated and encoded back to the
More informationSIP RFC (3261) explained, LIGHT 3.2 (1/2011) - www.sipknowledge.com
/*============================================================================*\ Note: The original contents of the RFC 3261 was left intact. We only added elaborative footnotes (and links in the ms-word
More informationVoice over IP Fundamentals
Voice over IP Fundamentals Duration: 5 Days Course Code: GK3277 Overview: The aim of this course is for delegates to gain essential data networking and Voice over IP (VoIP) knowledge in a single, week-long
More informationAV@ANZA Formación en Tecnologías Avanzadas
SISTEMAS DE SEÑALIZACION SIP I & II (@-SIP1&2) Contenido 1. Why SIP? Gain an understanding of why SIP is a valuable protocol despite competing technologies like ISDN, SS7, H.323, MEGACO, SGCP, MGCP, and
More informationARCHITECTURES TO SUPPORT PSTN SIP VOIP INTERCONNECTION
ARCHITECTURES TO SUPPORT PSTN SIP VOIP INTERCONNECTION 10 April 2009 Gömbös Attila, Horváth Géza About SIP-to-PSTN connectivity 2 Providing a voice over IP solution that will scale to PSTN call volumes,
More informationMultimedia & Protocols in the Internet - Introduction to SIP
Information and Communication Networks Multimedia & Protocols in the Internet - Introduction to Siemens AG 2004 Bernard Hammer Siemens AG, München Presentation Outline Basics architecture Syntax Call flows
More informationSIP : Session Initiation Protocol
: Session Initiation Protocol EFORT http://www.efort.com (Session Initiation Protocol) as defined in IETF RFC 3261 is a multimedia signaling protocol used for multimedia session establishment, modification
More informationVoIP. What s Voice over IP?
VoIP What s Voice over IP? Transmission of voice using IP Analog speech digitized and transmitted as IP packets Packets transmitted on top of existing networks Voice connection is now packet switched as
More informationMedia Gateway Controller RTP
1 Softswitch Architecture Interdomain protocols Application Server Media Gateway Controller SIP, Parlay, Jain Application specific Application Server Media Gateway Controller Signaling Gateway Sigtran
More informationSIP: Session Initiation Protocol
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 Internet Engineering Task Force SIP WG INTERNET-DRAFT J. Rosenberg,H. Schulzrinne,G. Camarillo,A. Johnston,J. Peterson,R. Sparks,M. Handley,E.
More informationMultimedia Communication in the Internet. SIP: Advanced Topics. Dorgham Sisalem, Sven Ehlert Mobile Integrated Services FhG FOKUS
Multimedia Communication in the Internet SIP: Advanced Topics Dorgham Sisalem, Sven Ehlert Mobile Integrated Services FhG FOKUS SIP and NAT NAT Concept NAT = Network Address Translation Share one IP address
More informationChapter 2 PSTN and VoIP Services Context
Chapter 2 PSTN and VoIP Services Context 2.1 SS7 and PSTN Services Context 2.1.1 PSTN Architecture During the 1990s, the telecommunication industries provided various PSTN services to the subscribers using
More informationIntroduction to VoIP Technology
Lesson 1 Abstract Introduction to VoIP Technology 2012. 01. 06. This first lesson of contains the basic knowledge about the terms and processes concerning the Voice over IP technology. The main goal of
More informationPart II. Prof. Ai-Chun Pang Graduate Institute of Networking and Multimedia, Dept. of Comp. Sci. and Info. Engr., National Taiwan University
Session Initiation Protocol oco (SIP) Part II Prof. Ai-Chun Pang Graduate Institute of Networking and Multimedia, Dept. of Comp. Sci. and Info. Engr., National Taiwan University Email: acpang@csie.ntu.edu.tw
More informationVOICE OVER IP SECURITY
VOICE OVER IP SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationFOSDEM 2007 Brussels, Belgium. Daniel Pocock B.CompSc(Melbourne) www.readytechnology.co.uk
Open Source VoIP on Debian FOSDEM 2007 Brussels, Belgium Daniel Pocock B.CompSc(Melbourne) www.readytechnology.co.uk Overview User expectations How it works Survey of available software Overview of resiprocate
More informationVoice over IP (SIP) Milan Milinković milez@sbox.tugraz.at 30.03.2007.
Voice over IP (SIP) Milan Milinković milez@sbox.tugraz.at 30.03.2007. Intoduction (1990s) a need for standard protocol which define how computers should connect to one another so they can share media and
More informationSession Initiation Protocol and Services
Session Initiation Protocol and Services Harish Gokul Govindaraju School of Electrical Engineering, KTH Royal Institute of Technology, Haninge, Stockholm, Sweden Abstract This paper discusses about the
More informationThe use of IP networks, namely the LAN and WAN, to carry voice. Voice was originally carried over circuit switched networks
Voice over IP Introduction VoIP Voice over IP The use of IP networks, namely the LAN and WAN, to carry voice Voice was originally carried over circuit switched networks PSTN (Public Switch Telephone Network)
More informationSession Initiation Protocol (SIP) Chapter 5
Session Initiation Protocol (SIP) Chapter 5 Introduction A powerful alternative to H.323 More flexible, simpler Easier to implement Advanced features Better suited to the support of intelligent user devices
More informationinternet technologies and standards
Institute of Telecommunications Warsaw University of Technology 2015 internet technologies and standards Piotr Gajowniczek Andrzej Bąk Michał Jarociński multimedia in the Internet Voice-over-IP multimedia
More informationApplication Notes for Configuring SIP Trunking between McLeodUSA SIP Trunking Solution and an Avaya IP Office Telephony Solution 1.
Avaya Solution & Interoperability Test Lab Application Notes for Configuring SIP Trunking between McLeodUSA SIP Trunking Solution and an Avaya IP Office Telephony Solution 1.0 Abstract These Application
More informationThe VoIP Vulnerability Scanner
SiVuS (SiP Vulnerability Scanner) The VoIP Vulnerability Scanner User Guide v1.07 www.vopsecurity.org Contents 1 INTRODUCTION... 3 2 SIVUS FEATURES AND FUNCTIONALITY... 4 3 INSTALLATION... 5 4 OPERATION...
More informationSIP SECURITY. Status Quo and Future Issues. 23. Chaos Communication Congress: 27. - 30.12.2006, Berlin, Germany
SIP SECURITY Status Quo and Future Issues 23. Chaos Communication Congress: 27. - 30.12.2006, Berlin, Germany Jan Seedorf - seedorf@informatik.uni-hamburg.de SVS - Security in Distributed Systems Intention
More informationChapter 10 Session Initiation Protocol. Prof. Yuh-Shyan Chen Department of Computer Science and Information Engineering National Taipei University
Chapter 10 Session Initiation Protocol Prof. Yuh-Shyan Chen Department of Computer Science and Information Engineering National Taipei University Outline 12.1 An Overview of SIP 12.2 SIP-based GPRS Push
More informationEDA095 Audio and Video Streaming
EDA095 Audio and Video Streaming Pierre Nugues Lund University http://cs.lth.se/pierre_nugues/ April 22, 2015 Pierre Nugues EDA095 Audio and Video Streaming April 22, 2015 1 / 35 What is Streaming Streaming
More informationSIP: Ringing Timer Support for INVITE Client Transaction
SIP: Ringing Timer Support for INVITE Client Transaction Poojan Tanna (poojan@motorola.com) Motorola India Private Limited Outer Ring Road, Bangalore, India 560 037 Abstract-The time for which the Phone
More informationA Comparative Study of Signalling Protocols Used In VoIP
A Comparative Study of Signalling Protocols Used In VoIP Suman Lasrado *1, Noel Gonsalves *2 Asst. Prof, Dept. of MCA, AIMIT, St. Aloysius College (Autonomous), Mangalore, Karnataka, India Student, Dept.
More informationSIP for Voice, Video and Instant Messaging
James Polk 20050503 SIP for Voice, Video and Instant Messaging James Polk 20050503 Faisal Chaudhry fchaudhr@cisco.com Technical Leader Cisco Advanced Services Cisco Systems, Inc. All rights reserved. 1
More informationSIP Essentials Training
SIP Essentials Training 5 Day Course Lecture & Labs COURSE DESCRIPTION Learn Session Initiation Protocol and important protocols related to SIP implementations. Thoroughly study the SIP protocol through
More informationEnd-2-End QoS Provisioning in UMTS networks
End-2-End QoS Provisioning in UMTS networks Haibo Wang Devendra Prasad October 28, 2004 Contents 1 QoS Support from end-to-end viewpoint 3 1.1 UMTS IP Multimedia Subsystem (IMS)................... 3 1.1.1
More informationSession Initiation Protocol (SIP)
Session Initiation Protocol (SIP) Introduction A powerful alternative to H.323 More flexible, simpler Easier to implement Advanced features Better suited to the support of intelligent user devices A part
More informationSIP Security. ENUM-Tag am 28. September in Frankfurt. Prof. Dr. Andreas Steffen. Agenda. andreas.steffen@zhwin.ch
ENUM-Tag am 28. September in Frankfurt SIP Security Prof. Dr. Andreas Steffen andreas.steffen@zhwin.ch Andreas Steffen, 28.09.2004, ENUM_SIP.ppt 1 Agenda SIP The Session Initiation Protocol Securing the
More informationSession Initiation Protocol
TECHNICAL OVERVIEW Session Initiation Protocol Author: James Wright, MSc This paper is a technical overview of the Session Initiation Protocol and is designed for IT professionals, managers, and architects
More informationSession Initiation Protocol Security Considerations
Session Initiation Protocol Security Considerations Sami Knuutinen Helsinki University of Technology Department of Computer Science and Engineering May 28, 2003 Abstract Session Initiation Protocol (SIP)
More informationSIP OVER NAT. Pavel Segeč. University of Žilina, Faculty of Management Science and Informatics, Slovak Republic e-mail: Pavel.Segec@fri.uniza.
SIP OVER NAT Pavel Segeč University of Žilina, Faculty of Management Science and Informatics, Slovak Republic e-mail: Pavel.Segec@fri.uniza.sk Abstract Session Initiation Protocol is one of key IP communication
More informationSIP Messages. 180 Ringing The UA receiving the INVITE is trying to alert the user. This response MAY be used to initiate local ringback.
SIP Messages 100 Trying This response indicates that the request has been received by the next-hop server and that some unspecified action is being taken on behalf of this call (for example, a database
More informationBest Practices for SIP Security
Best Practices for SIP Security IMTC SIP Parity Group Version 21 November 9, 2011 Table of Contents 1. Overview... 33 2. Security Profile... 33 3. Authentication & Identity Protection... 33 4. Protecting
More informationVoIP Security regarding the Open Source Software Asterisk
Cybernetics and Information Technologies, Systems and Applications (CITSA) 2008 VoIP Security regarding the Open Source Software Asterisk Prof. Dr.-Ing. Kai-Oliver Detken Company: DECOIT GmbH URL: http://www.decoit.de
More informationSIP: Ringing Timer Support for INVITE Client Transaction
SIP: Ringing Timer Support for INVITE Client Transaction Poojan Tanna (poojan@motorola.com) Motorola India Private Limited Outer Ring Road, Bangalore, India 560 037 Abstract-The time for which the Phone
More informationThis specification this document to get an official version of this User Network Interface Specification
This specification describes the situation of the Proximus network and services. It will be subject to modifications for corrections or when the network or the services will be modified. Please take into
More informationWhite paper. SIP An introduction
White paper An introduction Table of contents 1 Introducing 3 2 How does it work? 3 3 Inside a normal call 4 4 DTMF sending commands in sip calls 6 5 Complex environments and higher security 6 6 Summary
More informationIntroduction to VOIP Security OWASP. The OWASP Foundation. Angad Singh and Rohit Shah goldfish21@gmail.com rohit.shah@yahoo.co.in.
Introduction to VOIP Security Angad Singh and Rohit Shah goldfish21@gmail.com rohit.shah@yahoo.co.in 30-October-2010 Copyright The Foundation Permission is granted to copy, distribute and/or modify this
More informationSIP Security in IP Telephony
SIP Security in IP Telephony Muhammad Yeasir Arafat and M. Abdus Sobhan School of Engineering and Computer Science Independent University, Bangladesh E-mail: sobhan30@gmail.com Abstract Today the session
More informationVoice over IP & Other Multimedia Protocols. SIP: Session Initiation Protocol. IETF service vision. Advanced Networking
Advanced Networking Voice over IP & Other Multimedia Protocols Renato Lo Cigno SIP: Session Initiation Protocol Defined by IETF RFC 2543 (first release march 1999) many other RFCs... see IETF site and
More informationVoice over IP Security
ii Voice over IP Security Patrick Park Copyright 2009 Cisco Systems, Inc. Published by: Cisco Press 800 East 96th Street Indianapolis, IN 46240 USA All rights reserved. No part of this book may be reproduced
More informationHow To Understand The Purpose Of A Sip Aware Firewall/Alg (Sip) With An Alg (Sip) And An Algen (S Ip) (Alg) (Siph) (Network) (Ip) (Lib
NetVanta Unified Communications Technical Note The Purpose of a SIP-Aware Firewall/ALG Introduction This technical note will explore the purpose of a Session Initiation Protocol (SIP)-aware firewall/application
More informationSIP Basics. CSG VoIP Workshop. Dennis Baron January 5, 2005. Dennis Baron, January 5, 2005 Page 1. np119
SIP Basics CSG VoIP Workshop Dennis Baron January 5, 2005 Page 1 Outline What is SIP SIP system components SIP messages and responses SIP call flows SDP basics/codecs SIP standards Questions and answers
More informationSIP Introduction. Jan Janak
SIP Introduction Jan Janak SIP Introduction by Jan Janak Copyright 2003 FhG FOKUS A brief overview of SIP describing all important aspects of the Session Initiation Protocol. Table of Contents 1. SIP Introduction...
More informationThree-Way Calling using the Conferencing-URI
Three-Way Calling using the Conferencing-URI Introduction With the deployment of VoIP users expect to have the same functionality and features that are available with a landline phone service. This document
More informationVoIP Security. Piero Fontanini
Piero Fontanini Master s Thesis Master of Science in Information Security 30 ECTS Department of Computer Science and Media Technology Gjøvik University College, 2008 Avdeling for informatikk og medieteknikk
More informationUser authentication in SIP
User authentication in SIP Pauli Vesterinen Helsinki University of Technology pjvester@cc.hut.fi Abstract Today Voice over Internet Protocol (VoIP) is used in large scale to deliver voice and multimedia
More informationHow To Write A Sip Message On A Microsoft Ipa (Sip) On A Pcode (Siph) On An Ipa Or Ipa On A Ipa 2 (Sips) On Pcode On A Webmail (
Network Working Group J. Rosenberg/H. Schulzrinne/G. Camarillo/A. Johnston/J. Peterson/R. Sparks/M. Handley/E. Schooler Request for Comments: 3261 dynamicsoft/columbia U./Ericsson/Worldcom/Neustar/dynamicsoft/ICIR/AT&T
More informationMultimedia Conferencing with SIP
Multimedia Conferencing with SIP Signalling Demands in Real-Time Systems Multimedia Networking: Protocol Suite Conferencing: VoIP & VCoIP SIP SDP/SAP/IMG Signalling Demands Media Types can be signalled
More informationMOHAMED EL-SHAER Teaching Assistant. Room C3 @: mohamed.el-shaer@guc.edu.eg. TASK Exercises Thu., Nov. 17, 2014 CONTENT
Room C3.221 Tel : +20 275 899 90-8, ext. 1376 Fax : +20 227 581 041 Mail: robil.daher@guc.edu.eg; robil.daher@ieee.org Room C3 @: mohamed.el-shaer@guc.edu.eg Faculty of Information Engineering and Technology
More informationSIP Trunking. Service Guide. www.megapath.com. Learn More: Call us at 877.634.2728.
Service Guide Learn More: Call us at 877.634.2728. www.megapath.com What is MegaPath SIP Trunking? SIP Trunking enables your business to reduce costs and simplify IT management by combining voice and Internet
More informationInternet Services & Protocols Multimedia Applications, Voice over IP
Department of Computer Science Institute for System Architecture, Chair for Computer Networks Internet Services & Protocols Multimedia Applications, Voice over IP Dr.-Ing. Stephan Groß Room: INF 3099 E-Mail:
More informationNTP VoIP Platform: A SIP VoIP Platform and Its Services 1
NTP VoIP Platform: A SIP VoIP Platform and Its Services 1 Whai-En Chen, Chai-Hien Gan and Yi-Bing Lin Department of Computer Science National Chiao Tung University 1001 Ta Hsueh Road, Hsinchu, Taiwan,
More informationSIP Trunking and Voice over IP
SIP Trunking and Voice over IP Agenda What is SIP Trunking? SIP Signaling How is Voice encoded and transported? What are the Voice over IP Impairments? How is Voice Quality measured? VoIP Technology Confidential
More informationEnabling Security Features in Firmware DGW v2.0 June 22, 2011
Enabling Security Features in Firmware DGW v2.0 June 22, 2011 Proprietary 2011 Media5 Corporation Table of Contents Scope... 3 Acronyms and Definitions... 3 Setup Description... 3 Basics of Security Exchanges...
More informationMultimedia Communications Voice over IP
Multimedia Communications Voice over IP Anandi Giridharan Electrical Communication Engineering, Indian Institute of Science, Bangalore 560012, India Voice over IP (Real time protocols) Internet Telephony
More information802.11: Mobility Within Same Subnet
What is Mobility? Spectrum of mobility, from the perspective: no mobility high mobility mobile wireless user, using same AP mobile user, (dis) connecting from using DHCP mobile user, passing through multiple
More informationVoIP some threats, security attacks and security mechanisms. Lars Strand RiskNet Open Workshop Oslo, 24. June 2009
VoIP some threats, security attacks and security mechanisms Lars Strand RiskNet Open Workshop Oslo, 24. June 2009 "It's appalling how much worse VoIP is compared to the PSTN. If these problems aren't fixed,
More informationSIP Session Initiation Protocol
SIP Session Initiation Protocol Laurent Réveillère Enseirb Département Télécommunications reveillere@enseirb.fr Session Initiation Protocol Raisin 2007 Overview This is a funny movie! I bet Laura would
More informationLehrstuhl für Informatik 4 Kommunikation und verteilte Systeme
Chapter 2: Representation of Multimedia Data Chapter 3: Multimedia Systems Communication Aspects and Services Multimedia Applications and Communication Protocols Quality of Service and Resource Management
More informationIP-Telephony SIP & MEGACO
IP-Telephony SIP & MEGACO Bernard Hammer Siemens AG, Munich Siemens AG 2001 1 Presentation Outline Session Initiation Protocol Introduction Examples Media Gateway Decomposition Protocol 2 IETF Standard
More information10 Key Things Your VoIP Firewall Should Do. When voice joins applications and data on your network
10 Key Things Your Firewall Should Do When voice joins applications and data on your network Table of Contents Making the Move to 3 10 Key Things 1 Security is More Than Physical 4 2 Priority Means Clarity
More informationInternet Services & Protocols Multimedia Applications, Voice over IP
Department of Computer Science Institute for System Architecture, Chair for Computer Networks Internet Services & Protocols Multimedia Applications, Voice over IP Dipl.-Inform. Stephan Groß Room: GRU314
More informationBEng (Hons) Telecommunications. Examinations for 2011 2012 / Semester 1
BEng (Hons) Telecommunications Cohort: BTEL/10A/FT Examinations for 2011 2012 / Semester 1 MODULE: IP Telephony MODULE CODE: TELC3107 Duration: 2 Hours Reading time: 15 Minutes Instructions to Candidates:
More information10 Signaling Protocols for Multimedia Communication
Outline (Preliminary) 1. Introduction and Motivation 2. Digital Rights Management 3. Cryptographic Techniques 4. Electronic Payment Systems 5. Multimedia Content Description Part I: Content-Oriented Base
More informationTransparent weaknesses in VoIP
Transparent weaknesses in VoIP Peter Thermos peter.thermos@palindrometech.com 2007 Palindrome Technologies, All Rights Reserved 1 of 56 Speaker Background Consulting Government and commercial organizations,
More informationMixer/Translator VOIP/SIP. Translator. Mixer
Mixer/Translator VOIP/SIP RTP Mixer, translator A mixer combines several media stream into a one new stream (with possible new encoding) reduced bandwidth networks (video or telephone conference) appears
More informationSIP PBX TRUNKING WITH SIP-DDI 1.0
Documentation on SIP PBX trunking with SIP-DDI 1.0 and the related QSC product IPfonie extended Version 1.1, date: september 15th, 2011 page 1/22 List of references Author Document Roland Hänel "Technical
More informationThe Trivial Cisco IP Phones Compromise
Security analysis of the implications of deploying Cisco Systems SIP-based IP Phones model 7960 Ofir Arkin Founder The Sys-Security Group ofir@sys-security.com http://www.sys-security.com September 2002
More informationSecurity Issues of SIP
Master Thesis Electrical Engineering Thesis no: MEE10:74 June 2010 BLEKINGE INSTITUTE OF TECHNOLOGY SCHOOL OF ENGINEERING DEPARTMENT OF TELECOMMUNICATION SYSTEMS Security Issues of SIP MASTER S THESIS
More informationApplication Notes for IDT Net2Phone SIP Trunking Service with Avaya IP Office 8.1 - Issue 1.0
Avaya Solution & Interoperability Test Lab Application Notes for IDT Net2Phone SIP Trunking Service with Avaya IP Office 8.1 - Issue 1.0 Abstract These Application Notes describe the procedures for configuring
More informationSIP, Session Initiation Protocol used in VoIP
SIP, Session Initiation Protocol used in VoIP Page 1 of 9 Secure Computer Systems IDT658, HT2005 Karin Tybring Petra Wahlund Zhu Yunyun Table of Contents SIP, Session Initiation Protocol...1 used in VoIP...1
More informationOverview ENUM ENUM. VoIP Introduction (2/2) VoIP Introduction (1/2)
Overview Voice-over over-ip (VoIP) ENUM VoIP Introduction Basic PSTN Concepts and SS7 Old Private Telephony Solutions Internet Telephony and Services VoIP-PSTN Interoperability IP PBX Network Convergence
More informationApplication Note. Onsight Connect Network Requirements V6.1
Application Note Onsight Connect Network Requirements V6.1 1 ONSIGHT CONNECT SERVICE NETWORK REQUIREMENTS... 3 1.1 Onsight Connect Overview... 3 1.2 Onsight Connect Servers... 4 Onsight Connect Network
More informationVulnerability Analysis on Mobile VoIP Supplementary Services and MITM Attack
Vulnerability Analysis on Mobile VoIP Supplementary Services and MITM Attack You Joung Ham Graduate School of Computer Engineering, Hanshin University, 411, Yangsan-dong, Osan, Gyeonggi, Rep. of Korea
More informationAn Introduction to VoIP Protocols
An Introduction to VoIP Protocols www.netqos.com Voice over IP (VoIP) offers the vision of a converged network carrying multiple types of traffic (voice, video, and data, to name a few). To carry out this
More informationMultimedia Communication in the Internet. SIP Security Threads. Dorgham Sisalem, Sven Ehlert Mobile Integrated Services FhG FOKUS 1
Multimedia Communication in the Internet SIP Security Threads Dorgham Sisalem, Sven Ehlert Mobile Integrated Services FhG FOKUS 1 Denial of Service Prevent service availability Software vulnerabilities
More informationInternet Engineering Task Force (IETF) Request for Comments: 7088 Category: Informational February 2014 ISSN: 2070-1721
Internet Engineering Task Force (IETF) D. Worley Request for Comments: 7088 Ariadne Category: Informational February 2014 ISSN: 2070-1721 Abstract Session Initiation Protocol Service Example -- Music on
More informationApplication Note. Firewall Requirements for the Onsight Mobile Collaboration System and Hosted Librestream SIP Service v5.0
Application Note Firewall Requirements for the Onsight Mobile Collaboration System and Hosted Librestream SIP Service v5.0 1 FIREWALL REQUIREMENTS FOR ONSIGHT MOBILE VIDEO COLLABORATION SYSTEM AND HOSTED
More information