Next VOIP Page..

To Contact Me

Phone: 07768 113497

Fax: 01473 423491


SIP Components-- Attack Protection

--Data Network Protection

Home Page | Network Penetration Testing | Firewall and VPN Engineering | Network Design | Security Policy | Network Support | Employment / Contract History | CV and References | Personal

Click to email me

Back to VOIP page..

  • User Agent - Any device that provides services (voice, video etc.)

  • If initiating a call, the device is a User Agent Client (UAC)

  • If answering, the device is a User Agent Server (UAS)

  • Proxy Server - Forwards requests to other SIP servers or User Agents, and will perform logging for billing and accounting

  • Redirect Server - Will respond back to clients with address of requested device

  • Registrar - User Agents will register with the registrar for permission to place calls within the domain


Attacks to this Infrastructure are …


  • Identity theft and impersonation

  • Session eavesdropping

  • Voicemail Bombing

  • Session hijacking and redirection

  • SIP Spam

  • Malformed Messages

  • Buffer Overflow Attacks

  • Denial-of-Service Attacks packets into existing RTP flows

  • RTP session hijacking

  • SIP registrar flooding

  • Injection of unauthorized RTP



Consequently, VOIP infrastructure should be protected from these risks  .. and  ..


Should offer dynamic management of inbound and outbound SIP requests and the routing of real-time traffic to the appropriate destination, and maintaining full access control and authentication. It is important to address the complex issues of NAT and firewall traversal of SIP protocols, while supporting instant messaging, conferencing and VoIP (Voice Over Internet Protocol) across all networks. 


However ….


Government Data Networks should be protected  from compromises possible on VOIP networks while Border Infrastructure is still not EAL4 Evaluated.  …


Next ...