September 29, 2005

SIP security

SIP provides security against activities that are aimed at disrupting aspects of SIP operation. This includes activities such as eavesdropping and hijacking a call. However, SIP cannot prevent a DoS attack initiated by flooding the SIP server. Hardened servers and up to date firewalls are the best defense against DoS attacks.

SIP can ensure media security such that it would be well nigh impossible for attackers to decipher data. SIP uses Secure RTP for the encryption and authentication of every single media packet. However, if VoIP devices running on the SIP protocol communicate over a LAN such as an Ethernet hub, they become vulnerable to sniffing attacks. Enterprises prefer switched Ethernet over hubs as they are more resistant to sniffing attacks.

However, a tap can be inserted into the switch by the attackers in order to access data. In order to prevent the spoofing of IP addresses, ingress source filtering is done. Packets with suspicious IP addresses can be detected by this technique. SIP security mechanisms prevent attackers using spoofed IP addresses to fake a caller ID. The issue of spam in VoIP is only partially controlled by traditional techniques such as black / white listing; content analysis is not possible with VoIP. Even though it is possible to authenticate a call with SIP, it is not adequate protection against spam.

--
Did you enjoy this post?

September 29, 2005 | Permalink

Free VoIP Newsletter

Subscribe to The RFID Gazetteer, published monthly. Enter your email address:

« Security at the design stage | Main | VoIP in the banking sector »

Syndicate

Add to My Yahoo! Add to MyMSN
RSS Feed Subscribe at NewsGator Online Subscribe at Bloglines

Click Here

Features

Categories

Archives

Blogroll

Feedback

Network