Multimedia Communication in the Internet. SIP Security Threats. Sven Ehlert Next Generation Network Infrastructure Fraunhofer FOKUS 1
|
|
- Marvin Alexander
- 7 years ago
- Views:
Transcription
1 Multimedia Communication in the Internet SIP Security Threats Sven Ehlert Next Generation Network Infrastructure Fraunhofer FOKUS 1
2 Outline SIP Security Mechanisms Denial of Service VoIP SPAM 2
3 SIP Call Flows Recap REGISTER INVITE OK OK ACK 3
4 Security Services Availability subject to Denial of Service Attacks: burdening servers with enormous load, uploading hostile applications, physical violence difficult to beat: self vs. non-self problem Authorization prevents unauthorized persons from inspection of both signaling and media can be solved using encryption problems: encryption computationally expensive; key exchange protocols needed; no PKI available Authentication, Accounting 4
5 SIP Security Tools Need to protect registrations User A should not be allowed to register as user B Need to protect service usage User A should not be allowed to use the PSTN gateway Need to ensure the identity of the server Avoid contacting insecure servers Need to secure content Do not allow servers to manipulate content not meant for them 5
6 SIP Digest Authentication Required for user identification and admission control for services. Based on HTTP Digest (RFC2617) Request Challenge (nonce,realm) ACK Hash: Algorithm generating small output One way generation Collision resistant Computationally simple Request w/credentials 6
7 Digest Ingredients Server sends nce: Server known generated string, Time encoded Realm, Algorithm, Quality of Protection Client operation: request-uri username realm pwd H-A1 nonce H-A2 Server computes own MD5 Checks for match MD5 7
8 Message Security Users can encrypt the content of their messages to prevent SIP proxies from reading or changing the content Can only encrypt parts that are not used by proxies VIA, RecordRoute,... Encryption might prevent some functions Firewall / NAT traversal Hop-by-Hop Signaling Security requires belief in transitive trust immense computational stress on servers if public-key used can deal with firewalls/nats may cover entire signaling mechanisms: ipsec, TLS Combination of both may be used Keying: no established solution 8
9 More on TLS Security Disclaimers: Trust established hop-by-hop it implies transitive trust along arbitrarily long proxy chains. Remember a chains is as strong as the weakest element in it. You have to trust next-hop not to pass your requests to questionable servers. Privacy is not end-to-end: proxy servers along the signaling path do see SIP in plain-text. 9
10 Media Security Encryption of media content May take place either at IP or RTP layer IPSec / SRTP Performance overhead considerable established solutions for keying: MIKEY-PSK MIKEY-RSA MIKEY-DH MIKEY-DHHMAC MIKEY-RSA-R SDES SDES-EM EKT SDP-DH ZRTP DTLS Sig. Conf. * Forking * * * Media before Answer Sharedkey conf. PKI? * * Rekey * Bid-down protection * 10
11 Social Issues! SIP INVITE w/jpeg INVITE SIP/2.0 Via: SIP/2.0/UDP here.com:5060 From: BigGuy To: LittleGuy Call-ID: 200 OK w/jpeg SIP/ OK Via: SIP/2.0/UDP here.com:5060 From: BigGuy To: LittleGuy Call-ID: 11
12 Denial of Service Prevent service availability Software vulnerabilities Sasser, Ping of Death Resource depletion Smurf, SYN Flood Distributed Denial of Service Attacks Tools Trinoo, Stacheldraht, TFN2K, Phatbot Annoyance AND financial consequences E.g. Yahoo attack in hours offline, estimated $ loss 12
13 Motivation SIP Attack Motivation Gaining access to the service (PSTN) Eavesdropping Denial of Service Enhanced Security Services to counter Security policies Traffic encryption Active attack detection 13
14 Attack Points SIP Proxy 14
15 Attack Points SIP Proxy SIP Helper Services AAA, STUN, RTPproxy, DNS/ENUM, PSTN 15
16 Attack Points SIP Proxy SIP Helper Services AAA, STUN, RTPproxy, DNS/ENUM, PSTN Network Protocols TCP, UDP, RTP, TLS 16
17 SIP Proxy Exploitation Memory: SIP is memory hungry Save messages while processing them Save messages during transactions up to a few minutes CPU: Message parsing Application execution Bandwidth t SIP-special 17
18 Memory Depletion Attacks Brute force: Start thousands of calls with different FROM, TO and Call-IDs Lesser impact, as they don't create state Fast CPU, good implementation and a lot of memory can handle these Monitoring and filtering to block Identify misbehaving users Setup blacklists / whitelists Broken Sessions: Start sessions and do not complete Create state at the server 18
19 Broken Session UA Proxy INVITE INVITE forwarding unreachable ~ 3 kbyte min 3 min waiting for response 19
20 Broken Session UA Proxy Proxy 404 t Found 404 t Found forwarding Spoofed Address ~ 3 kbyte ~ 30 sec waiting for ACK 20
21 Broken Session UA Proxy 300 Multiple Choices Malicious Proxy ~ 3 n kbyte > 3 min waiting for each reply 21
22 Stateless Authentication Stateless message handling Run security checks in stateless mode before moving to stateful Authentication SPAM After validation continue in stateful mode Authentication Authenticate all requests to prevent fraud Use stateless authentication, e.g. predictive nonces State Message Type Time Period Secret... Scramble To UA 22
23 CPU Exhaustion Attacks Message parsing and security enforcement Too many messages requiring parsing and authentication Exhaustion is a sign of bad implementation or underdimensioned hardware Application execution Too complex scripts or heavy database interaction Restrict application intelligence offered to user Server blocking Messages with non-resolvable DNS names Build TCP/TLS connections to non-existing receivers 23
24 CPU Exhaustion: Counter Measures Server design Dimension hardware appropriately to offered services Parallel process, each dealing with one request n-blocking design: n-blocking communication with DNS and database Implementation complexity and memory usage increase considerably DNS handling only use the IP address DNS caching Receive field in VIA headers INVITE Via: SIP/2.0/UDP caller.net:5060; \ received: ;rport:1234 Contact: user@sip.caller.net Content-Type: application/sdp c=in IP4 sip.caller.net m=audio 8000 RTP/AVP 4 24
25 Attack Fans 25
26 Attack Fans Loops Annoying and probably a configuration mistake 26
27 Attack Fans Loops Annoying and probably a configuration mistake Forked Loops Requires a larger level of coordination Can not be dealt with statelessly Loop detection increases complexity of proxies Max-Forward set by user Enforce local policies of a small Max-Forward 27
28 Distributed DoS Reply Forwarding Insert Spoofed Address INVITE Via: SIP/2.0/UDP target.sip.net; Via: SIP/2.0/UDP other.addr.net; Via: SIP/2.0/UDP yet.another.net; 28
29 Distributed DoS Reply Forwarding Insert Spoofed Address INVITE Via: SIP/2.0/UDP target.sip.net; Via: SIP/2.0/UDP other.addr.net; Via: SIP/2.0/UDP yet.another.net; Innocent Hosts 29
30 Distributed DoS Reply Forwarding Insert Spoofed Address INVITE Via: SIP/2.0/UDP target.sip.net; Via: SIP/2.0/UDP other.addr.net; Via: SIP/2.0/UDP yet.another.net; Innocent Hosts Message forwarding with reply 30
31 Distributed DoS Reply Forwarding Insert Spoofed Address INVITE Via: SIP/2.0/UDP target.sip.net; Via: SIP/2.0/UDP other.addr.net; Via: SIP/2.0/UDP yet.another.net; Innocent Hosts Response redirection Target Host 31
32 STUN Attacks Attacks on a STUN server Denial of Service Compromising STUN server to attack STUN clients Protocol design to prevent attack possibilities nearly fully stateless operation Authentication vulnerable to general DoS attacks common countermeasures dedicated STUN server monitoring and filtering 32
33 DoS Conclusion SIP offers attacks a wide variety of attack possibilities A lot of the attack possibilities depend on configuration of the SIP server, its implementation and usage scenario Effects of many attacks can be reduced by Efficient implementation and appropriate hardware Stateless processing and authentication Clever DNS handling Filtering and monitoring blacklists 33
34 VoIP SPAM Threats Spam = unsolicited information sent to you without your permission Similar to spam, but only partly Voice has a concept of time in contrast to text Users have to deal a defined amount of time with SPAM Voice Scanning proves to be harder than text scanning higher bandwidth penalty Deployment is simple as with spam simple distribution tools automatic call generation lower caller costs in contrast to PSTN 34
35 SIP SPAM Technical details Spammers forge SIP messages and identities SIP allows for From: field forging t only Voice, also Instant Messaging and Presence 35
36 Countermeasure I Solution taken from SPAM prevention White lists / Black Lists Configure by user / provider? Legal implications? messages content filtering Efficient server based filtering solutions (> 95 % reliability) 36
37 Countermeasure II New approaches Challenge / Response Resource Puzzle Charging Reputation SPIT will come! Think of dealing with it now. 37
38 References Franks, J. et. al.: HTTP Authentication: Basic and Digest Access Authentication", IETF RFC 2617,
Multimedia Communication in the Internet. SIP Security Threads. Dorgham Sisalem, Sven Ehlert Mobile Integrated Services FhG FOKUS 1
Multimedia Communication in the Internet SIP Security Threads Dorgham Sisalem, Sven Ehlert Mobile Integrated Services FhG FOKUS 1 Denial of Service Prevent service availability Software vulnerabilities
More informationMultimedia Communication in the Internet. SIP: Advanced Topics. Dorgham Sisalem, Sven Ehlert Mobile Integrated Services FhG FOKUS
Multimedia Communication in the Internet SIP: Advanced Topics Dorgham Sisalem, Sven Ehlert Mobile Integrated Services FhG FOKUS SIP and NAT NAT Concept NAT = Network Address Translation Share one IP address
More informationVoIP some threats, security attacks and security mechanisms. Lars Strand RiskNet Open Workshop Oslo, 24. June 2009
VoIP some threats, security attacks and security mechanisms Lars Strand RiskNet Open Workshop Oslo, 24. June 2009 "It's appalling how much worse VoIP is compared to the PSTN. If these problems aren't fixed,
More informationAn outline of the security threats that face SIP based VoIP and other real-time applications
A Taxonomy of VoIP Security Threats An outline of the security threats that face SIP based VoIP and other real-time applications Peter Cox CTO Borderware Technologies Inc VoIP Security Threats VoIP Applications
More informationHow to make free phone calls and influence people by the grugq
VoIPhreaking How to make free phone calls and influence people by the grugq Agenda Introduction VoIP Overview Security Conclusion Voice over IP (VoIP) Good News Other News Cheap phone calls Explosive growth
More informationVoice over IP & Other Multimedia Protocols. SIP: Session Initiation Protocol. IETF service vision. Advanced Networking
Advanced Networking Voice over IP & Other Multimedia Protocols Renato Lo Cigno SIP: Session Initiation Protocol Defined by IETF RFC 2543 (first release march 1999) many other RFCs... see IETF site and
More informationCS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
More informationVOICE OVER IP SECURITY
VOICE OVER IP SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationDenial of Services on SIP VoIP infrastructures
Denial of Services on SIP VoIP infrastructures Ge Zhang Karlstad University ge.zhang@kau.se 1 Outline Background Denial of Service attack using DNS Conclusion 2 VoIP What is VoIP? What is its advantage?
More informationAuthentication and Authorisation for Integrated SIP Services in Heterogeneous Environments 1
Authentication and Authorisation for Integrated SIP Services in Heterogeneous Environments 1 Dorgham Sisalem, Jiri Kuthan Fraunhofer Institute for Open Communication Systems (FhG Fokus) Kaiserin-Augusta-Allee
More informationVoIP Security regarding the Open Source Software Asterisk
Cybernetics and Information Technologies, Systems and Applications (CITSA) 2008 VoIP Security regarding the Open Source Software Asterisk Prof. Dr.-Ing. Kai-Oliver Detken Company: DECOIT GmbH URL: http://www.decoit.de
More informationTransparent weaknesses in VoIP
Transparent weaknesses in VoIP Peter Thermos peter.thermos@palindrometech.com 2007 Palindrome Technologies, All Rights Reserved 1 of 56 Speaker Background Consulting Government and commercial organizations,
More informationA Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method.
A Brief Overview of VoIP Security By John McCarron Voice of Internet Protocol is the next generation telecommunications method. It allows to phone calls to be route over a data network thus saving money
More informationDenial of Service Attacks Targeting a SIP VoIP Infrastructure: Attack Scenarios and Prevention Mechanisms
Denial of Service Attacks Targeting a SIP VoIP Infrastructure: Attack Scenarios and Prevention Mechanisms Dorgham Sisalem and Jiri Kuthan, Tekelec Sven Ehlert, Fraunhofer Fokus Abstract In this article
More informationA SIP based VOIP to avoid Vulnerabilities in designing VOIP network in Enterprise
A SIP based VOIP to avoid Vulnerabilities in designing VOIP network in Enterprise K.Subhash Bhagavan #1, Kirankumar.P #2, MVSS Nagendranath#3, #1 Student, Sasi Institute of Technology and Engineering,
More informationPart II. Prof. Ai-Chun Pang Graduate Institute of Networking and Multimedia, Dept. of Comp. Sci. and Info. Engr., National Taiwan University
Session Initiation Protocol oco (SIP) Part II Prof. Ai-Chun Pang Graduate Institute of Networking and Multimedia, Dept. of Comp. Sci. and Info. Engr., National Taiwan University Email: acpang@csie.ntu.edu.tw
More informationFirewalls and Intrusion Detection
Firewalls and Intrusion Detection What is a Firewall? A computer system between the internal network and the rest of the Internet A single computer or a set of computers that cooperate to perform the firewall
More informationWhat is Web Security? Motivation
brucker@inf.ethz.ch http://www.brucker.ch/ Information Security ETH Zürich Zürich, Switzerland Information Security Fundamentals March 23, 2004 The End Users View The Server Providers View What is Web
More informationINTRODUCTION OF VOIP AND SIP SECURITY 2
INTRODUCTION OF VOIP AND SIP SECURITY 2 Ge Zhang, Karlstad University May, 2009 Outline Review SIP vulnerabilities by external infrastructures DNS server as an example Confidentiality Integrity Availability
More informationSession Initiation Protocol (SIP) 陳 懷 恩 博 士 助 理 教 授 兼 計 算 機 中 心 資 訊 網 路 組 組 長 國 立 宜 蘭 大 學 資 工 系 Email: wechen@niu.edu.tw TEL: 03-9357400 # 340
Session Initiation Protocol (SIP) 陳 懷 恩 博 士 助 理 教 授 兼 計 算 機 中 心 資 訊 網 路 組 組 長 國 立 宜 蘭 大 學 資 工 系 Email: wechen@niu.edu.tw TEL: 03-9357400 # 340 Outline Session Initiation Protocol SIP Extensions SIP Operation
More informationHow To Understand The Purpose Of A Sip Aware Firewall/Alg (Sip) With An Alg (Sip) And An Algen (S Ip) (Alg) (Siph) (Network) (Ip) (Lib
NetVanta Unified Communications Technical Note The Purpose of a SIP-Aware Firewall/ALG Introduction This technical note will explore the purpose of a Session Initiation Protocol (SIP)-aware firewall/application
More informationVoIP LAB. 陳 懷 恩 博 士 助 理 教 授 兼 所 長 國 立 宜 蘭 大 學 資 訊 工 程 研 究 所 Email: wechen@niu.edu.tw TEL: 03-9357400 # 255
SIP Traversal over NAT 陳 懷 恩 博 士 助 理 教 授 兼 所 長 國 立 宜 蘭 大 學 資 訊 工 程 研 究 所 Email: wechen@niu.edu.tw TEL: 03-9357400 # 255 Outline Introduction to SIP and NAT NAT Problem Definition NAT Solutions on NTP VoIP
More informationDENIAL OF SERVICE ATTACKS AND SIP INFRASTRUCTURE Attack Scenarios and Prevention Mechanisms
DENIAL OF SERVICE ATTACKS AND SIP INFRASTRUCTURE Attack Scenarios and Prevention Mechanisms Dorgham Sisalem, Jiri Kuthan Fraunhofer Fokus, Kaiserin-Augusta-Allee 31, 10589 Berlin, Germany sisalem@fokus.fhg.de,
More informationClient Server Registration Protocol
Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are
More informationVOICE OVER IP (VOIP) TO ENTERPRISE USERS GIOTIS KONSTANTINOS
VOICE OVER IP (VOIP) TO ENTERPRISE USERS GIOTIS KONSTANTINOS Master of Science in Networking and Data Communications THESIS Thesis Title Voice over IP (VoIP) to Enterprise Users Dissertation submitted
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationBasic Vulnerability Issues for SIP Security
Introduction Basic Vulnerability Issues for SIP Security By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com The Session Initiation Protocol (SIP) is the future
More informationUser authentication in SIP
User authentication in SIP Pauli Vesterinen Helsinki University of Technology pjvester@cc.hut.fi Abstract Today Voice over Internet Protocol (VoIP) is used in large scale to deliver voice and multimedia
More informationVoice Printing And Reachability Code (VPARC) Mechanism for prevention of Spam over IP Telephony (SPIT)
Voice Printing And Reachability Code (VPARC) Mechanism for prevention of Spam over IP Telephony (SPIT) Vijay Radhakrishnan & Ranjith Mukundan Wipro Technologies, Bangalore, India Email:{radhakrishnan.vijay,
More informationBest Practices for SIP Security
Best Practices for SIP Security IMTC SIP Parity Group Version 21 November 9, 2011 Table of Contents 1. Overview... 33 2. Security Profile... 33 3. Authentication & Identity Protection... 33 4. Protecting
More informationVoice over IP Security
Voice over IP Security Patrick Park Cisco Press Cisco Press 800 East 96th Street Indianapolis, Indiana 46240 USA vii Contents Introduction xvii Part I VoIP Security Fundamentals 3 Chapter 1 Working with
More informationAnat Bremler-Barr Ronit Halachmi-Bekel Jussi Kangasharju Interdisciplinary center Herzliya Darmstadt University of Technology
Unregister Attack in SIP Anat Bremler-Barr Ronit Halachmi-Bekel Jussi Kangasharju Interdisciplinary center Herzliya Darmstadt University of Technology Unregister Attack We present a new VoIP Denial Of
More informationSession Initiation Protocol Security Considerations
Session Initiation Protocol Security Considerations Sami Knuutinen Helsinki University of Technology Department of Computer Science and Engineering May 28, 2003 Abstract Session Initiation Protocol (SIP)
More informationIngate Firewall/SIParator SIP Security for the Enterprise
Ingate Firewall/SIParator SIP Security for the Enterprise Ingate Systems February, 2013 Ingate Systems AB (publ) Tel: +46 8 600 77 50 BACKGROUND... 1 1 NETWORK SECURITY... 2 2 WHY IS VOIP SECURITY IMPORTANT?...
More informationSPAM over Internet Telephony (SPIT) und Abwehrmöglichkeiten
Zukunft der Netze, 20.03.2009 SPAM over Internet Telephony (SPIT) und Abwehrmöglichkeiten Dirk Hoffstadt (Uni Duisburg-Essen) Christoph Sorge (NEC) Yacine Rebahi (Fraunhofer FOKUS) Outline Introduction
More informationSession Initiation Protocol (SIP)
SIP: Session Initiation Protocol Corso di Applicazioni Telematiche A.A. 2006-07 Lezione n.7 Ing. Salvatore D Antonio Università degli Studi di Napoli Federico II Facoltà di Ingegneria Session Initiation
More informationVoice over IP (SIP) Milan Milinković milez@sbox.tugraz.at 30.03.2007.
Voice over IP (SIP) Milan Milinković milez@sbox.tugraz.at 30.03.2007. Intoduction (1990s) a need for standard protocol which define how computers should connect to one another so they can share media and
More informationTSIN02 - Internetworking
TSIN02 - Internetworking Lecture 9: SIP and H323 Literature: Understand the basics of SIP and it's architecture Understand H.323 and how it compares to SIP Understand MGCP (MEGACO/H.248) SIP: Protocol
More informationNAT TCP SIP ALG Support
The feature allows embedded messages of the Session Initiation Protocol (SIP) passing through a device that is configured with Network Address Translation (NAT) to be translated and encoded back to the
More informationAdvanced Networking Voice over IP & Other Multimedia Protocols
Advanced Networking Voice over IP & Other Multimedia Protocols Renato Lo Cigno SIP: Session Initiation Protocol Defined by IETF RFC 2543 (first release march 1999) many other RFCs... see IETF site and
More informationEE4607 Session Initiation Protocol
EE4607 Session Initiation Protocol Michael Barry michael.barry@ul.ie william.kent@ul.ie Outline of Lecture IP Telephony the need for SIP Session Initiation Protocol Addressing SIP Methods/Responses Functional
More informationSIP OVER NAT. Pavel Segeč. University of Žilina, Faculty of Management Science and Informatics, Slovak Republic e-mail: Pavel.Segec@fri.uniza.
SIP OVER NAT Pavel Segeč University of Žilina, Faculty of Management Science and Informatics, Slovak Republic e-mail: Pavel.Segec@fri.uniza.sk Abstract Session Initiation Protocol is one of key IP communication
More informationAV@ANZA Formación en Tecnologías Avanzadas
SISTEMAS DE SEÑALIZACION SIP I & II (@-SIP1&2) Contenido 1. Why SIP? Gain an understanding of why SIP is a valuable protocol despite competing technologies like ISDN, SS7, H.323, MEGACO, SGCP, MGCP, and
More informationSIP Introduction. Jan Janak
SIP Introduction Jan Janak SIP Introduction by Jan Janak Copyright 2003 FhG FOKUS A brief overview of SIP describing all important aspects of the Session Initiation Protocol. Table of Contents 1. SIP Introduction...
More informationSIP Security. ENUM-Tag am 28. September in Frankfurt. Prof. Dr. Andreas Steffen. Agenda. andreas.steffen@zhwin.ch
ENUM-Tag am 28. September in Frankfurt SIP Security Prof. Dr. Andreas Steffen andreas.steffen@zhwin.ch Andreas Steffen, 28.09.2004, ENUM_SIP.ppt 1 Agenda SIP The Session Initiation Protocol Securing the
More informationThe VoIP Vulnerability Scanner
SiVuS (SiP Vulnerability Scanner) The VoIP Vulnerability Scanner User Guide v1.07 www.vopsecurity.org Contents 1 INTRODUCTION... 3 2 SIVUS FEATURES AND FUNCTIONALITY... 4 3 INSTALLATION... 5 4 OPERATION...
More informationNTP VoIP Platform: A SIP VoIP Platform and Its Services
NTP VoIP Platform: A SIP VoIP Platform and Its Services Speaker: Dr. Chai-Hien Gan National Chiao Tung University, Taiwan Email: chgan@csie.nctu.edu.tw Date: 2006/05/02 1 Outline Introduction NTP VoIP
More informationDoS/DDoS Attacks and Protection on VoIP/UC
DoS/DDoS Attacks and Protection on VoIP/UC Presented by: Sipera Systems Agenda What are DoS and DDoS Attacks? VoIP/UC is different Impact of DoS attacks on VoIP Protection techniques 2 UC Security Requirements
More informationFirewalls, Tunnels, and Network Intrusion Detection
Firewalls, Tunnels, and Network Intrusion Detection 1 Part 1: Firewall as a Technique to create a virtual security wall separating your organization from the wild west of the public internet 2 1 Firewalls
More informationSIP ALG - Session Initiated Protocol Applications- Level Gateway
SIP ALG is a parameter that is generally enabled on most commercial router because it helps to resolve NAT related problems. However, this parameter can be very harmful and can actually stop SIP Trunks
More informationSIP Security in IP Telephony
SIP Security in IP Telephony Muhammad Yeasir Arafat and M. Abdus Sobhan School of Engineering and Computer Science Independent University, Bangladesh E-mail: sobhan30@gmail.com Abstract Today the session
More informationMedia Gateway Controller RTP
1 Softswitch Architecture Interdomain protocols Application Server Media Gateway Controller SIP, Parlay, Jain Application specific Application Server Media Gateway Controller Signaling Gateway Sigtran
More informationSIP Essentials Training
SIP Essentials Training 5 Day Course Lecture & Labs COURSE DESCRIPTION Learn Session Initiation Protocol and important protocols related to SIP implementations. Thoroughly study the SIP protocol through
More informationSIP Basics. CSG VoIP Workshop. Dennis Baron January 5, 2005. Dennis Baron, January 5, 2005 Page 1. np119
SIP Basics CSG VoIP Workshop Dennis Baron January 5, 2005 Page 1 Outline What is SIP SIP system components SIP messages and responses SIP call flows SDP basics/codecs SIP standards Questions and answers
More informationSecure Software Programming and Vulnerability Analysis
Secure Software Programming and Vulnerability Analysis Christopher Kruegel chris@auto.tuwien.ac.at http://www.auto.tuwien.ac.at/~chris Operations and Denial of Service Secure Software Programming 2 Overview
More informationSIP: Session Initiation Protocol. Copyright 2005 2008 by Elliot Eichen. All rights reserved.
SIP: Session Initiation Protocol Signaling Protocol Review H323: ITU peer:peer protocol. ISDN (Q.931) signaling stuffed into packets. Can be TCP or UDP. H225: Q931 for call control, RAS to resolve endpoints
More informationABC SBC: Securing the PBX. FRAFOS GmbH
ABC SBC: Securing the PBX FRAFOS GmbH Introduction A widely reported fraud scenarios is the case of a malicious user detecting the address of a company s PBX and accessing that PBX directly. Once the attacker
More informationFirewalls, Tunnels, and Network Intrusion Detection. Firewalls
Firewalls, Tunnels, and Network Intrusion Detection 1 Firewalls A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.
More informationSecurity of VoIP. Analysis, Testing and Mitigation of SIP-based DDoS attacks on VoIP Networks
Security of VoIP Analysis, Testing and Mitigation of SIP-based DDoS attacks on VoIP Networks A thesis submitted in partial fulfilment of the requirements for the Degree of Master of Science in Computer
More information3.1 SESSION INITIATION PROTOCOL (SIP) OVERVIEW
3.1 SESSION INITIATION PROTOCOL (SIP) OVERVIEW SIP is an application layer protocol that is used for establishing, modifying and terminating multimedia sessions in an Internet Protocol (IP) network. SIP
More informationUnregister Attacks in SIP
Unregister Attacks in SIP Anat Bremler-Barr Ronit Halachmi-Bekel Interdisciplinary Center Herzliya Email: {bremler,halachmi.ronit}@idc.ac.il Jussi Kangasharju Darmstadt University of Technology jussi@tk.informatik.tu-darmstadt.de
More informationVoIP Security. Seminar: Cryptography and Security. 07.06.2006 Michael Muncan
VoIP Security Seminar: Cryptography and Security Michael Muncan Overview Introduction Secure SIP/RTP Zfone Skype Conclusion 1 Introduction (1) Internet changed to a mass media in the middle of the 1990s
More informationOSSIR, November 2010 emil.ivov@sip-communicator.org 1/45
OSSIR, November 2010 emil.ivov@sip-communicator.org 1/45 Real-time Communication Applications OSSIR, November 2010 emil.ivov@sip-communicator.org 2/45 Protocols sip & xmpp OSSIR, November 2010 emil.ivov@sip-communicator.org
More informationSecurity Issues of SIP
Master Thesis Electrical Engineering Thesis no: MEE10:74 June 2010 BLEKINGE INSTITUTE OF TECHNOLOGY SCHOOL OF ENGINEERING DEPARTMENT OF TELECOMMUNICATION SYSTEMS Security Issues of SIP MASTER S THESIS
More informationVoIP. What s Voice over IP?
VoIP What s Voice over IP? Transmission of voice using IP Analog speech digitized and transmitted as IP packets Packets transmitted on top of existing networks Voice connection is now packet switched as
More informationMultimedia & Protocols in the Internet - Introduction to SIP
Information and Communication Networks Multimedia & Protocols in the Internet - Introduction to Siemens AG 2004 Bernard Hammer Siemens AG, München Presentation Outline Basics architecture Syntax Call flows
More informationFRAFOS GmbH Windscheidstr. 18 Ahoi 10627 Berlin Germany info@frafos.com www.frafos.com
WebRTC for the Enterprise FRAFOS GmbH FRAFOS GmbH Windscheidstr. 18 Ahoi 10627 Berlin Germany info@frafos.com www.frafos.com This document is copyright of FRAFOS GmbH. Duplication or propagation or extracts
More informationRecommended IP Telephony Architecture
Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings
More informationVoice over IP. VoIP (In) Security. Presented by Darren Bilby NZISF 14 July 2005
Voice over IP VoIP (In) Security Presented by Darren Bilby NZISF 14 July 2005 Security-Assessment.com Who We Are NZ s only pure-play security firm Largest team of security professionals in NZ Offices in
More informationSIP: Protocol Overview
SIP: Protocol Overview NOTICE 2001 RADVISION Ltd. All intellectual property rights in this publication are owned by RADVISION Ltd. and are protected by United States copyright laws, other applicable copyright
More informationHacking Trust Relationships of SIP Gateways
Hacking Trust Relationships of SIP Gateways Author : Fatih Özavcı Homepage : gamasec.net/fozavci SIP Project Page : github.com/fozavci/gamasec-sipmodules Version : 0.9 Hacking Trust Relationship Between
More informationSIP SECURITY WILEY. Dorgham Sisalem John Floroiu Jiri Kuthan Ulrich Abend Henning Schulzrinne. A John Wiley and Sons, Ltd.
SIP SECURITY Dorgham Sisalem John Floroiu Jiri Kuthan Ulrich Abend Henning Schulzrinne WILEY A John Wiley and Sons, Ltd., Publication Foreword About the Authors Acknowledgment xi xiii xv 1 Introduction
More informationDeployment of Snort IDS in SIP based VoIP environments
Deployment of Snort IDS in SIP based VoIP environments Jiří Markl, Jaroslav Dočkal Jaroslav.Dockal@unob.cz K-209 Univerzita obrany Kounicova 65, 612 00 Brno Czech Republic Abstract This paper describes
More informationStorming SIP Security
Attack Sandro Gauci Difficulty VoIP is a hot and steadily gaining market share in the phone business. As people constantly seek to make long distance calls cheaper, they are moving away from relying on
More informationSY0-201. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users.
system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users. From a high-level standpoint, attacks on computer systems and networks can be grouped
More informationRequest for Comments: 4579. August 2006
Network Working Group Request for Comments: 4579 BCP: 119 Category: Best Current Practice A. Johnston Avaya O. Levin Microsoft Corporation August 2006 Status of This Memo Session Initiation Protocol (SIP)
More informationAnalysis of a VoIP Attack
IPCom Gesellschaft für internetbasierte Kommunikationsdienste mbh Analysis of a VoIP Attack Klaus Darilion, IPCom GmbH, klaus.darilion@ipcom.at Abstract: Recently, several IT news websites reported VoIP
More informationSecuring SIP Trunks APPLICATION NOTE. www.sipera.com
APPLICATION NOTE Securing SIP Trunks SIP Trunks are offered by Internet Telephony Service Providers (ITSPs) to connect an enterprise s IP PBX to the traditional Public Switched Telephone Network (PSTN)
More informationGuidance Regarding Skype and Other P2P VoIP Solutions
Guidance Regarding Skype and Other P2P VoIP Solutions Ver. 1.1 June 2012 Guidance Regarding Skype and Other P2P VoIP Solutions Scope This paper relates to the use of peer-to-peer (P2P) VoIP protocols,
More informationVirtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN
Virtual private network Network security protocols COMP347 2006 Len Hamey Instead of a dedicated data link Packets securely sent over a shared network Internet VPN Public internet Security protocol encrypts
More informationInternational Telecommunication Union. IETF Security Work. Magnus Nyström. Technical Director, RSA Security Presentation made on behalf of the IETF
International Telecommunication Union IETF Security Work Magnus Nyström Technical Director, RSA Security Presentation made on behalf of the IETF Background Internet Engineering Task Force o International
More informationA Novel Approach for Evaluating and Detecting Low Rate SIP Flooding Attack
A Novel Approach for Evaluating and Detecting Low Rate SIP Flooding Attack Abhishek Kumar Department of Computer Science and Engineering-Information Security NITK Surathkal-575025, India Dr. P. Santhi
More informationOverview of VoIP Systems
2 Overview of VoIP Systems In their simplest form, Voice over IP protocols simply enable two (or more) devices to transmit and receive real-time audio traffic that allows their respective users to communicate.
More informationSIP Session Initiation Protocol Nicolas Montavont nicolas.montavont@telecom-bretagne.eu
SIP Session Initiation Protocol Nicolas Montavont nicolas.montavont@telecom-bretagne.eu SIP Session Initiation Protocol Henning Schulzrinne Department of Computer Science Columbia University, New York,
More informationSecurity vulnerabilities in the Internet and possible solutions
Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in
More informationSIP Security Controllers. Product Overview
SIP Security Controllers Product Overview Document Version: V1.1 Date: October 2008 1. Introduction UM Labs have developed a range of perimeter security gateways for VoIP and other applications running
More informationSafeguards Against Denial of Service Attacks for IP Phones
W H I T E P A P E R Denial of Service (DoS) attacks on computers and infrastructure communications systems have been reported for a number of years, but the accelerated deployment of Voice over IP (VoIP)
More informationComparing Session Border Controllers to Firewalls with SIP Application Layer Gateways in Enterprise Voice over IP and Unified Communications Scenarios
An Oracle White Paper June 2013 Comparing Session Border Controllers to Firewalls with SIP Application Layer Gateways in Enterprise Voice over IP and Unified Communications Scenarios Introduction Voice
More informationHow To Understand How Open Source And Free Software Work Together
Free and Open Source Software in relation to Asterisk* Lars Strand lars.strand@redpill-linpro.com Ibidium's Asterisk course Oslo, NR, 8.-11. September 2009 What is this? What is free software? What is
More information20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7
20-CS-6053-00X Network Security Spring, 2014 An Introduction To Network Security Week 1 January 7 Attacks Criminal: fraud, scams, destruction; IP, ID, brand theft Privacy: surveillance, databases, traffic
More informationA Comparative Study of Signalling Protocols Used In VoIP
A Comparative Study of Signalling Protocols Used In VoIP Suman Lasrado *1, Noel Gonsalves *2 Asst. Prof, Dept. of MCA, AIMIT, St. Aloysius College (Autonomous), Mangalore, Karnataka, India Student, Dept.
More informationAsymetrical keys. Alices computer generates a key pair. A public key: XYZ123345 (Used to encrypt) A secret key: ABC98765 (Used to decrypt)
Encryption keys Symmetrical keys Same key used for encryption and decryption Exchange of symmetrical keys between parties difficult without risk of interception Asymmetrical keys One key for encryption
More informationA Lightweight Secure SIP Model for End-to-End Communication
A Lightweight Secure SIP Model for End-to-End Communication Weirong Jiang Research Institute of Information Technology, Tsinghua University, Beijing, 100084, P.R.China jwr2000@mails.tsinghua.edu.cn Abstract
More informationReadyNAS Remote White Paper. NETGEAR May 2010
ReadyNAS Remote White Paper NETGEAR May 2010 Table of Contents Overview... 3 Architecture... 3 Security... 4 Remote Firewall... 5 Performance... 5 Overview ReadyNAS Remote is a software application that
More informationInternet Firewall CSIS 3230. Internet Firewall. Spring 2012 CSIS 4222. net13 1. Firewalls. Stateless Packet Filtering
Internet Firewall CSIS 3230 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 8.8: Packet filtering, firewalls, intrusion detection Ch
More informationSession Border Controller
CHAPTER 13 This chapter describes the level of support that Cisco ANA provides for (SBC), as follows: Technology Description, page 13-1 Information Model Objects (IMOs), page 13-2 Vendor-Specific Inventory
More informationIP-Telephony SIP & MEGACO
IP-Telephony SIP & MEGACO Bernard Hammer Siemens AG, Munich Siemens AG 2001 1 Presentation Outline Session Initiation Protocol Introduction Examples Media Gateway Decomposition Protocol 2 IETF Standard
More informationKommunikationsdienste im Internet Möglichkeiten und Risiken
Die Zukunft der Kommunikationsdienste im Internet Möglichkeiten und Risiken Erwin P. Rathgeb Technik der Rechnernetze, Universität Duisburg-Essen Jochen Kögel, Marc Barisch IKR, Universität Stuttgart Steffen
More information12/8/2015. Review. Final Exam. Network Basics. Network Basics. Network Basics. Network Basics. 12/10/2015 Thursday 5:30~6:30pm Science S-3-028
Review Final Exam 12/10/2015 Thursday 5:30~6:30pm Science S-3-028 IT443 Network Security Administration Instructor: Bo Sheng True/false Multiple choices Descriptive questions 1 2 Network Layers Application
More informationInternet Working 15th lecture (last but one) Chair of Communication Systems Department of Applied Sciences University of Freiburg 2005
15th lecture (last but one) Chair of Communication Systems Department of Applied Sciences University of Freiburg 2005 1 43 administrational stuff Next Thursday preliminary discussion of network seminars
More information