lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Fri Mar 24 10:18:36 2006
From: ivanhec at gmail.com (Ivan .)
Subject: VoIP Security whitepaper : a layered approach

Hi

and then there is MGCP/Megaco
http://www.sipcenter.com/sip.nsf/html/MGCP+Background

cheers
Ivan

On 3/24/06, Jerome Athias <jerome.athias@...e.fr> wrote:
> Hi Fred,
>
> nice paper
> btw, what about H.323?
>
> Regards
> /JA
> https://www.securinfos.info
>
> ----- Original Message -----
> From: "Frederic Charpentier" <fcharpen@...opartners.com>
> Cc: <full-disclosure@...ts.grok.org.uk>
> Sent: Thursday, March 23, 2006 3:43 PM
> Subject: [Full-disclosure] VoIP Security whitepaper : a layered approach
>
>
> > Hi FD,
> > Our team is pleased to release a whitepaper about VoIP.
> > This whitepaper propose a security analysis of the Voice Over IP
> > protocols with a layered approach.
> >
> > Link :
> > http://www.xmcopartners.com/whitepapers/voip-security-layered-approach.pdf
> >
> > Chapters :
> > 1 VOICE OVER IP SECURITY
> > 1.1 A GENERAL OVERVIEW OF VOICE OVER IP
> > 1.2 VOICE OVER IP PARTICULARITIES
> > 1.3 VOICE OVER IP ARCHITECTURES
> > 1.4 VOICE OVER IP THREATS
> > 1.4.1 Signaling Protocols Layer
> > 1.4.1.1    SIP based Denials of Service
> > 1.4.1.2    SIP based Man in the Middle/Call Hijacking
> > 1.4.1.3    Possible solutions for SIP based attacks
> > 1.4.2 Transport Protocols Layer
> > 1.4.2.1    Eavesdropping
> > 1.4.2.2    RTP Insertion attacks
> > 1.4.2.3    RTCP insertion attacks
> > 1.4.2.4    Possible solutions for RTP based attacks
> > 1.4.3    Application Layer
> > 1.5 FUTURE THREATS TO VOICE OVER IP SECURITY
> > 2 CONCLUSIONS
> >
> >
> > --
> > Xmco Partners
> > Security Consulting / Pentest
> > web  : http://www.xmcopartners.com/
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ