Security Incidents mailing list archives
Re: SIP based attacks??
From: "Jay D. Dyson" <jdyson () treachery net>
Date: Fri, 3 Dec 2004 10:13:59 -0800 (PST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 3 Dec 2004, Mark Teicher wrote:
Has anyone observed SIP network based exploits such as: Malformed SIP Message attacks SIP register flooding attacks Injection of unauthorized RTP session attacks DDOS into existing RTP Flow attacks RTP session hijacking attacks in a live production network not just simulation?
Last I saw, the Session Initiation Protocol (SIP) was being championed exclusively by Microsoft and everyone else was using the IETF standard XMPP. Moreover, most of the Microsoft SIP products were -- last time I looked -- hardly what you'd call ready for prime-time.
Heck, 99.9% of the literature I've seen on SIP is little but a valentine that Microsoft wrote to itself. And I'm being nice here.
The most recent news on the subject that I've seen indicated that Microsoft planned a release on December 1st for the latest version of its server software which (and I quote) "aims to give companies more secure instant messaging and other corporate communications tools."
*ahem* Microsoft offering a "secure" service? That'll be a refreshing change from the usual MS-malware fare.
- -Jay ( ( _______ )) )) .-"There's always time for a good cup of coffee"-. >====<--. C|~~|C|~~| (>----- Jay D. Dyson -- jdyson () treachery net -----<) | = |-' `--' `--' `---- Doves fly in flocks. Eagles fly solo. ----' `------' -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (TreacherOS) Comment: See http://www.treachery.net/~jdyson/ for current keys. iD8DBQFBsKzsBYoRACwSF0cRAjXcAJ91bMTy1Vfy8zECuHmP6Rb3usQ7YwCgqQGv 082LrVqg6wdkCuMqLWa8OCk= =ftmn -----END PGP SIGNATURE-----
Current thread:
- SIP based attacks?? Mark Teicher (Dec 03)
- Re: SIP based attacks?? Jay D. Dyson (Dec 03)
- <Possible follow-ups>
- RE: SIP based attacks?? Jeremiah Cornelius (Dec 03)