SIP security

SIP security is a vast and somewhat challenging field.
  • Authentication: Can users steal other users' identities?
  • Integrity: Is the SIP message received the same as the one sent?
  • Confidentiality: Is someone else listening on your SIP call setup?
  • Privacy
  • Non-repudiation: Making sure we can trace callers
In addition, the RTP media stream, the actual conversation audio, may need to be confidential.

Client security

  • Replay

Server security

  • Denial of service attacks

IETF RFCs

  • RFC 3329 Security Mechanism Agreement for the Session Initiation Protocol (SIP)
  • RFC Draft SIP digest authentication relay attack

Books



Tools

http://www.dumaisnet.ca/index.php?article=asterisk_app_filter A simple tool that bans hosts (using iptables) if they send too much SIP traffic, which could indicate a brute-force attack.