SIP VULNERABILITIES TESTING IN SESSION ESTABLISHMENT & USER REGISTRATION

Peter Qi Qiu, Ostap Monkewic, Robert L. Probert

Abstract

This paper describes an attack-directed approach to test SIP authentication vulnerabilities in session establishment and user registration. This approach aims to exercise the known areas of weakness including the inherent vulnerabilities in SIP specification and the implementation vulnerabilities caused by programmers’ negligence. By using this approach and a self-made testing tool, we have successfully identified a number of vulnerabilities in a popular open source SIP implementation, namely VOCAL. This effective approach can also be used to test any other SIP implementations.

References

  1. Rosenberg, J, Schulzrinne, H, Camarillo, G, et al. SIP: Session Initiation Protocol, RFC3261, June 2002.
  2. Handley, M., Schulzrinne, H., Schooler, E. and J. Rosenberg. SIP: Session Initiation Protocol, RFC 2543, March 1999.
  3. Dierks, T., Allen, C. The TLS Protocol, Version 1.0 RFC 2246, January 1999.
  4. Michael Thomas, SIP Security Framework, draft-thomassip-sec-framework-00.txt. July 12, 2001
  5. B. Campbell, J. Rosenberg, H. Schulzrinne, C. Huitema, D. Gurle. RFC 3428 - Session Initiation Protocol (SIP) Extension for Instant Messaging, December 2002.
  6. H. Schulzrinne, AMinimalist Security Framework for SIP, draft-schulzrinne-sip-security-00.txt. November 18, 2001.
  7. J. Undery, S. Sen, V. Torvinen. SIP Digest Authentication: Extensions to HTTP Digest Authentication, draftundery-sip-auth-00.txt. January 2002.
  8. RFC 2316, April 1998.
  9. Dusse, S, et al. "S/MIME Version 2 Message Specification", RFC 2311, March 1998.
  10. S. Kent, R. Atkinson. Security Architecture for the Internet Protocol, RFC2401. November 1998.
  11. Cisco whitepaper: Security in SIP-Based Networks. http://www.cisco.com/warp/public/cc/techno/ tyvdve/sip/prodlit/sipsc_wp.pdf. Accessed in Nov. 2003.
  12. D. Comer, Computer and Networks with Internet Applications, Pearson Prentice Hall, 2003.
  13. I. Dalgic, H. Fang. Comparison of H.323 and SIP for IP Telephony Signaling, http://www.nostech.co.kr/reference/data/voip/Compari son%20of%20H.323%20and%20SIP.pdf. Accessed in December 2003.
  14. Fielding, R., Gettys, J., Mogul, J., Frysyk, H., Masinter, L., Leach, P. and T. Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.
  15. W. Stallings. Cryptography and Network Security: Principles and Pratices, 2nd edition. Prentice-Hall, June 1998.
  16. http://www.linuxsecurity.com/docs/HackFAQ/cryptology-04.shtml. Accessed in December 2003.
  17. Rivest, R., “The MD5 Message-Digest Algorithm”, RFC 1321, April 1992.
  18. VOCAL: http://www.vovida.org/. accessed in August 2003.
Download


Paper Citation


in Harvard Style

Qi Qiu P., Monkewic O. and L. Probert R. (2004). SIP VULNERABILITIES TESTING IN SESSION ESTABLISHMENT & USER REGISTRATION . In Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 1: SVoIPNet, (ICETE 2004) ISBN 972-8865-15-5, pages 223-229. DOI: 10.5220/0001405402230229


in Bibtex Style

@conference{svoipnet04,
author={Peter Qi Qiu and Ostap Monkewic and Robert L. Probert},
title={SIP VULNERABILITIES TESTING IN SESSION ESTABLISHMENT & USER REGISTRATION},
booktitle={Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 1: SVoIPNet, (ICETE 2004)},
year={2004},
pages={223-229},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001405402230229},
isbn={972-8865-15-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 1: SVoIPNet, (ICETE 2004)
TI - SIP VULNERABILITIES TESTING IN SESSION ESTABLISHMENT & USER REGISTRATION
SN - 972-8865-15-5
AU - Qi Qiu P.
AU - Monkewic O.
AU - L. Probert R.
PY - 2004
SP - 223
EP - 229
DO - 10.5220/0001405402230229