Nytro Posted May 1, 2012 Report Posted May 1, 2012 SIP home gateways under fireThe SIP home gateway -- which combines a NAT router, a SIP proxy, and analogue phone adapters -- is the weakest link in a Voice over IP network. SIP's numerous source routing mechanisms share the well-known security weaknesses of IP source routing. The talk discusses possible exploits and countermeasures. Telephony is steadily moving to Voice over IP, opening up a world of hacking opportunities. While many security issues have long been addressed in standardization, real-world VoIP suffers from incomplete and sometimes broken implementations. SIP home gateways -- which combine a NAT router, a SIP proxy, and a phone adapter are especially at risk. The predominant VoIP protocol SIP (Session Initiation Protocol) has been designed as an -- almost -- stateless protocol. The network elements responsible for call routing only keep very little and short-lived state. This makes SIP highly scalable and substantially simplifies fail-over. To achieve this, SIP uses source routing mechanisms extensively. Due to its security weaknesses, the network layer protocols have long abandoned the idea of source routing, despite its theoretical appeal. Some IP source routing attacks and countermeasures can be applied to SIP.[TABLE=class: datatable][TR][TD=class: highlight]Authors[/TD] [TD=class: lowlight] Wolfgang Beck [/TD] [/TR] [TR] [TD=class: highlight]Submitted[/TD] [TD=class: lowlight]May 01, 2012[/TD][/TR][/TABLE]Download:[/B]http://mirror.fem-net.de/CCC/27C3/mp3-audio-only/27c3-4181-en-sip_home_gateways_under_fire.mp3[B]Sursa: IT Security and Hacking knowledge base - SecDocs Quote
