[VOIPSEC] Security of SIP over UDP
Mani, Mahalingam (Mahalingam)
mmani at avaya.com
Fri Mar 11 15:37:24 GMT 2005
In my opinion SIP over UDP is not common (SIP/TCP is). There are
situations where UDP is preferred, however.
So, with advent of DTLS (in advanced stages of being approved in the
IETF http://www.ietf.org/internet-drafts/draft-rescorla-dtls-03.txt) one
can see the choice for securing SIP/UDP is greatly enhanced.
though there's no SIP security profile yet for it (refer to
http://www.ietf.org/internet-drafts/draft-jennings-sip-dtls-00.txt)
there is this one in the works.
ReSIProcate SIP-stack has started to incorporate support:
www.sipfoundry.org
-mani
======
-----Original Message-----
From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
Behalf Of dirk.pollet at belgacom.be
Sent: Friday, February 18, 2005 9:09 AM
To: Voipsec at voipsa.org
Subject: [VOIPSEC] Security of SIP over UDP
Looking at VoIP services for consumers, we're wondering about the risk
of SIP over UDP.
How easy is the spoofing of SIP messages, and has anyone already
experienced problems such as DOS attacks, call interruptions, call
manipulations, etc. ? Has anyone knowledge of the existence of hacking
tools to send spoofed SIP messages over UDP ?
Secondly, should someone attack a SIP server using spoofed SIP messages
over UDP, we assume that it is very difficult to react / protect against
it. Any ideas/suggestions ?
Are there commercial SIP implementations that accept only SIP over TCP ?
Any known important inconveniences of using only SIP over TCP ?
Regards
Dirk
dirk.pollet at belgacom.be
**** DISCLAIMER ****
http://www.belgacom.be/maildisclaimer
_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
More information about the Voipsec
mailing list