[VOIPSEC] Security of SIP over UDP

Christopher A. Martin chris at infravast.com
Sat Mar 12 04:49:19 GMT 2005 

Most clients use udp by default and it is the default in the spec still
isn't it?

Christopher A. Martin
P.O. Box 1264
Cedar Hill, Texas 75106
Chris at InfraVAST.com

> -----Original Message-----
> From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
> Behalf Of Mani, Mahalingam (Mahalingam)
> Sent: Friday, March 11, 2005 9:37 AM
> To: dirk.pollet at belgacom.be; Voipsec at voipsa.org
> Subject: RE: [VOIPSEC] Security of SIP over UDP
> 
> In my opinion SIP over UDP is not common (SIP/TCP is). There are
> situations where UDP is preferred, however.
> 
> So, with advent of DTLS (in advanced stages of being approved in the
> IETF http://www.ietf.org/internet-drafts/draft-rescorla-dtls-03.txt) one
> can see the choice for securing SIP/UDP is greatly enhanced.
> 
> though there's no SIP security profile yet for it (refer to
> http://www.ietf.org/internet-drafts/draft-jennings-sip-dtls-00.txt)
> there is this one in the works.
> 
> ReSIProcate SIP-stack has started to incorporate support:
> www.sipfoundry.org
> 
> -mani
> ======
> -----Original Message-----
> From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
> Behalf Of dirk.pollet at belgacom.be
> Sent: Friday, February 18, 2005 9:09 AM
> To: Voipsec at voipsa.org
> Subject: [VOIPSEC] Security of SIP over UDP
> 
> 
> Looking at VoIP services for consumers, we're wondering about the risk
> of SIP over UDP.
> 
> How easy is the spoofing of SIP messages, and has anyone already
> experienced problems such as DOS attacks, call interruptions, call
> manipulations, etc. ? Has anyone knowledge of the existence of hacking
> tools to send spoofed SIP messages over UDP ?
> 
> Secondly, should someone attack a SIP server using spoofed SIP messages
> over UDP, we assume that it is very difficult to react / protect against
> it. Any ideas/suggestions ?
> 
> Are there commercial SIP implementations that accept only SIP over TCP ?
> Any known important inconveniences of using only SIP over TCP ?
> 
> Regards
> Dirk
> dirk.pollet at belgacom.be
> 
> 
> 
> 
> **** DISCLAIMER ****
> http://www.belgacom.be/maildisclaimer
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
> 
> 
> 
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

More information about the Voipsec mailing list