Bugtraq mailing list archives
[Mlabs] Scrutinising SIP Payloads : Traversing Attack Vectors in VOIP and IM
From: Aditya K Sood <zeroknock () secniche org>
Date: Wed, 19 Sep 2007 21:18:09 -0700
Hi I have released core research paper on SIP comprising of Payload problems and Attack vectors. This research paper lays stress on the potential weaknesses present in the SIP which make it vulnerable to stringent attacks. The point of discussion is to understand the weak spots in the protocol. The payloads constitute the request vectors. The protocol inherits well defined security procedures and implementation objects. The security model is hierarchical and is diverged in every working layer of SIP from top to bottom. SIP features can be exploited easily if definitive attack base is subjugated. We will discuss about inherited flaws and methods to combat against predefined attacks. The payloads have to be scrutinized at the network level. It is critical because payloads are considered as infection bases to infect networks . The pros and cons will be enumerated from security perspective. You can download paper at: http://mlabs.secniche.org/papers/Scruti_SIP_Payloads.pdf Regards Aks aka 0kn0ck
Current thread:
- [Mlabs] Scrutinising SIP Payloads : Traversing Attack Vectors in VOIP and IM Aditya K Sood (Sep 20)