Hosting Provided By

[Mlabs] Scrutinising SIP Payloads : Traversing Attack Vectors in VOIP and IM

From: Aditya K Sood <zeroknock(at)secniche.org>
Date: Thu Sep 20 2007 - 00:18:09 EDT

I have released core research paper on SIP comprising of Payload problems and Attack vectors.

This research paper lays stress on the potential weaknesses present in the SIP
which make it vulnerable to stringent attacks. The point of discussion is to understand the weak spots in the protocol. The payloads constitute the request vectors. The protocol inherits well defined security procedures and implementation objects. The security model is hierarchical and is diverged in
every working layer of SIP from top to bottom. SIP features can be exploited easily if definitive attack base is subjugated. We will discuss about inherited
flaws and methods to combat against predefined attacks. The payloads have to be scrutinized at the network level. It is critical because payloads are considered as infection bases to infect networks . The pros and cons will be enumerated from security perspective.

You can download paper at:

http://mlabs.secniche.org/papers/Scruti_SIP_Payloads.pdf

Regards
Aks aka 0kn0ck Received on Thu Sep 20 11:22:57 2007

This message: [ Message body ]
Next message: security-alert(at)hp.com: "[security bulletin] HPSBUX02251 SSRT071449 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning"
Previous message: pdp (architect): "0day: PDF pwns Windows"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Sun Oct 28 2007 - 06:16:25 EDT