[VOIPSEC] Actual Attacks
Christopher A. Martin
chris at sip1.com
Thu Feb 17 22:37:52 CST 2005
I have performed a few direct attacks during my risk assessments in my
testing days that surfaced a few simple flaws; one example would be a SIP
proxy, I'll leave the vendor unnamed, that did not utilize fresh nonces for
use in the SIP digest authentication scheme.

I was able to replay captured packets to a SIP phone several times. The key
here is that the replay was performed a week after the capture, and I was
merely timing the individual packet response manually to cause the phones to
ring.

That's where testing tools come in handy to verify that a vendor's product
doesn't hold such subtle flaws.

Others are related to spam very closely. If the implementer does not check
the domain or perform authentication, even at the most basic level of a
username and password, then yes, spam could be multiplied a 100 times more
effective than the analog counterpart.

Some implementers may feel that this level of checking is too much overhead
or costly and not such a big risk to justify (you have to love
rationalization), so I predict that we still might see headlines about this
one in the near future.

By the way, the vendor fixed the nonce problem very quickly.

:)
________________________________
Christopher A. Martin
P.O. Box 1264
Cedar Hill, Texas 75106
-----Original Message-----
From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
Behalf Of Robert Rolen
Sent: Thursday, February 17, 2005 6:30 AM
To: Voipsec at voipsa.org
Subject: [VOIPSEC] Actual Attacks
Has a catalog or database been established to report and track actual
attacks against VOIP systems? I realize there are typical internet attacks
(spoofing, Trojans, sniffers, denial of service), but are the attacks being
documented to track the increase in attacks?

There are a lot of telecommunications managers that are not talking with
the IT departments and some of the IT departments see the telephone system
as just another responsibility added to their staff.

The trend of convergence for all security systems (Access Control, CCTV,
Alarms) into IP networks is rapidly becoming a reality.

Is there a trend to continue the isolation of the telephone system from the
office LAN?

A storybook of problems, incidents and trends would go a long way to enhance
the VOIP protection budget.

Any Thoughts?

Bob Rolen
Birmingham, Al
_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
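
The nonce-freshness check whose absence the message above describes, as an added example that is not part of the original post or any vendor's code: the proxy issues a time-stamped, MAC-protected nonce per challenge and answers a captured digest response with a new challenge once the nonce is old or already used. `SERVER_KEY`, `NONCE_TTL` and all function names are assumptions made for illustration; the digest formula is the RFC 2617 form without qop.

```python
import hashlib, hmac, os, time

SERVER_KEY = os.urandom(32)  # assumed per-proxy secret, never sent on the wire
NONCE_TTL = 30               # assumed policy: seconds a challenge stays valid
_used = set()                # nonces already accepted (purge entries older than TTL)

def _mac(ts, rnd):
    return hmac.new(SERVER_KEY, f"{ts}:{rnd}".encode(), hashlib.sha256).hexdigest()[:32]

def make_nonce(now=None):
    """Fresh nonce per challenge: issue time + randomness + MAC over both."""
    ts = str(int(time.time() if now is None else now))
    rnd = os.urandom(8).hex()
    return f"{ts}:{rnd}:{_mac(ts, rnd)}"

def nonce_is_fresh(nonce, now=None):
    """True only for a nonce this server issued within the last NONCE_TTL seconds."""
    try:
        ts, rnd, mac = nonce.split(":")
        age = (time.time() if now is None else now) - int(ts)
    except ValueError:
        return False
    genuine = hmac.compare_digest(mac.encode(), _mac(ts, rnd).encode())
    return genuine and 0 <= age <= NONCE_TTL

def _md5(s):
    return hashlib.md5(s.encode()).hexdigest()

def digest_response(user, realm, password, method, uri, nonce):
    """RFC 2617 digest response without qop."""
    ha1 = _md5(f"{user}:{realm}:{password}")
    ha2 = _md5(f"{method}:{uri}")
    return _md5(f"{ha1}:{nonce}:{ha2}")

def verify(auth, password, method, now=None):
    """Return 'ok', 'stale' (send a new challenge) or 'reject' (bad credentials)."""
    nonce = auth["nonce"]
    if not nonce_is_fresh(nonce, now) or nonce in _used:
        return "stale"
    expected = digest_response(auth["username"], auth["realm"], password,
                               method, auth["uri"], nonce)
    if not hmac.compare_digest(expected.encode(), auth["response"].encode()):
        return "reject"
    _used.add(nonce)  # one request per nonce, so a replay inside the TTL also fails
    return "ok"
```

A "stale" result corresponds to re-challenging with a new nonce, so a legitimate phone re-authenticates without user interaction while a recorded request is never processed.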