[VOIPSEC] Anyone aware of public disclosures of security incidents related to SIP trunks?
ed guy
edguy at emcsw.com
Wed Dec 23 18:18:01 CST 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/22/09 6:09 AM, J. Oquendo wrote:
>
>> DY> Right. An attacker could potentially spoof the IP and trigger
> many SIP INVITES, but would not be able to receive the return traffic
> and launch the actual call.
>
Dan,
This threat is one of the reasons why sip identity (rfc 4474) is
available for asterisk
and openser/kamilio. With the right configuration, it allows you set
control access
without significantly impacting Post Dial Delay. e.g., after the
identity is authenticated,
one can make admittance decisions based on the identity or signer.
/ed
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
iEYEARECAAYFAksyszgACgkQWvZF2XC7+NUGJgCgiVckouSCZS3yawi8IETcT5vQ
0v4AnijF4+Bvs527ALQnzXg3IEdPUfqp
=Q/wp
-----END PGP SIGNATURE-----
More information about the Voipsec
mailing list