SIP security is a vast and somewhat challenging field.
In addition, the RTP media stream, the actual conversation audio, may need to be confidential.
- Authentication: Can users steal other users identity?
- Integrity: Is the SIP message received the same as the one sent?
- Confidentiality: Is someone else listening on your SIP call setup?
- Privacy
- Non-repudiation: Making sure we can trace callers
In addition, the RTP media stream, the actual conversation audio, may need to be confidential.
Client security
- Replay
Server security
- Denial of service attacks
IETF RFCs
Additional Reading
Multimedia services using SIP face a range of challenges including traversing Firewalls which were never designed to be VoIP aware, exposing a publicly accessible address for a client which invited hacking and so on. Some of the basic issues surrounding SIP and security are examined in a White Paper from Newport Networks: SIP, Security and Session Controllers- Cisco.com whitepaper: VOIP Security in SIP-Based Networks
See also
- Asterisk security
- VoIP Security Consultants - Consultants who offer various security services
- VoIP Consultants - VoIP Consultants who may provide security services or referrals outside their main line of business
- VoIP Security Training - Security Training Providers
- VoIP Security - VoIP Security Information
- VoIP Security Vulnerabilities - Security Vulnerabilities that have been publicly disclosed in VoIP products
- Hacking Tools - How to install some hacking tools
- VoIP Security Forum - Forum dedicated to VoIP security issues
- Back to SIP
Comments
333VoIP Security Solutions
The core solution for VoIP Security and VoIP anti-blocking is VGCP (VoiceGuard Control Protocol).
It can work with any 3rd-party Softphone/ATA/Gateway/IPPhone/IADs and SIP proxy or server.
It can work in the way similar to that of soho router, but it only encrypts and decrypts SIP and RTP packets on link layer, not to handup these packets to IP stack for forwarding while bypassing other data packets originating from SIP terminals. In this scenario, peak throughput and minimal CPU overhead can be easily achieved.
VoiceGuard can real-time incorporate light-weight traffic for puzzling and bypassing VoIP blocking system without consuming more bandwidth and compromising voice quality. Even in some circumstance, VoiceGuard can simulate traffic behavior of universal data networking protocol such as OICQ, MSN and so on.
For more information, please refer to: http://www.speed-voip.com/index-36.html
Andy
xd.wong@speed-voip.com
andywong-01@hotmail.com