[VOIPSEC] VoIP vulnerabilities summarization
david.castro
david.castro at adianta.net
Tue Dec 27 09:12:14 CST 2005
Hello, I'm David.
I've just read your interesting "chat", and I learned a lot, but I'd
like make a question about SIP.
Let's imagine you are making an IP phone-operator. You have a central
access point (server SIP and gateway to PSTN), or several access points
across internet. You can sell to your customers a IP-phone, so they
don't have a computer run to chat on the phone. You can't sell
expensives phones or nobody will be your customer, so the phones hasn't
TLS, IPSEC or proxy SIP, because they are connecting direct to access point.
How do you protect this scenario?
I'm using login/password in register request, but in other request I
can't by the phones. What would you do?
Thanks
More information about the Voipsec
mailing list