[VOIPSEC] will vpn protect client from sipvicious svmap
n.arif.setiawan at gmail.com
Thu Jul 14 20:45:40 PDT 2011
I am testing SIP security with VPN (IPSec OpenSwan). Client is PhonerLite.
When client connected to Asterisks server using it's private IP address,
svmap still find the port by scanning it's public IP address.
I don't know if this is client behavior or how VPN work or how ports and ip
addresses related. I'm beginner in this networking things.
I assumed port opened in client to connect to Asterisk is shared between
private IP and public IP address. Or maybe something missing in VPN setup.
And unless client implement TLS, there is no protection against svmap also
inviteflood in client side.
What do you think?
More information about the Voipsec