[<prev] [next>] [day] [month] [year] [list]
Message-ID: <46F1F481.4040803@secniche.org>
Date: Wed, 19 Sep 2007 21:18:09 -0700
From: Aditya K Sood <zeroknock@...niche.org>
To: bugtraq@...urityfocus.com
Subject: [Mlabs] Scrutinising SIP Payloads : Traversing Attack Vectors in
VOIP and IM
Hi
I have released core research paper on SIP comprising of Payload problems
and Attack vectors.
This research paper lays stress on the potential weaknesses present in
the SIP
which make it vulnerable to stringent attacks. The point of discussion is to
understand the weak spots in the protocol. The payloads constitute the
request vectors. The protocol inherits well defined security procedures and
implementation objects. The security model is hierarchical and is
diverged in
every working layer of SIP from top to bottom. SIP features can be exploited
easily if definitive attack base is subjugated. We will discuss about
inherited
flaws and methods to combat against predefined attacks. The payloads have
to be scrutinized at the network level. It is critical because payloads are
considered as infection bases to infect networks . The pros and cons will be
enumerated from security perspective.
You can download paper at:
http://mlabs.secniche.org/papers/Scruti_SIP_Payloads.pdf
Regards
Aks aka 0kn0ck
Powered by blists - more mailing lists