[VOIPSEC] Mapping SIP networks?
Dustin D. Trammell
dtrammell at bpointsys.com
Tue Mar 25 13:31:06 CDT 2008
On Tue, 2008-03-25 at 13:32 -0400, Shawn Merdinger wrote:
> I'm wondering what techniques and tools folks are using to map SIP
> networks to determine the routes signaling and media streams are
> taking from a SIP user agent.
The tools you already mentioned should be fairly accurate for tracing
the media stream since that's generally point to point over the
lower-layer transport (TCP/UDP), however I think what would likely be
more accurate for signaling would be to script up a "SIP Traceroute"
using the Max-Forwards header[1]. By repeatedly sending the SIP request
that you want to trace with an incrementing Max-Forwards value, you
should get a 483 (too many hops) message back from each hop in the route
until you get the expected response from the final destination.
[1] http://www.faqs.org/rfcs/rfc3261.html Section 8.1.1.6
--
Dustin D. Trammell
Security Researcher
BreakingPoint Systems, Inc.
More information about the Voipsec
mailing list