[Kamailio-Users] SIP Digest Access Authentication RELAY survey
Klaus Darilion
klaus.mailinglists at pernau.at
Thu Jan 15 11:00:17 CET 2009
Hi!
For those who are interested in this attack - I have attached the
relevant slides from my SIP security lectures.
regards
Klaus
PS: an exploit based on sipp scenario files is available too on request
(for educational purposes :-)
Klaus Darilion wrote:
> IIRC to solve this issue completely the UAC should never send
> credentials to unknown parties - only to its SIP proxy (some clients
> have a "force outbound proxy" feature which does the same). Then the SIP
> proxy can remove credentials before forwarding to other parties.
>
> As soon as a client sends messages (with credentials) directly to other
> parties there is nothing you can do on the proxy side.
>
> regards
> klaus
>
> Victor Pascual Ávila wrote:
>> Hi,
>> excuse me if this message is not directly related to Kamailio.
>>
>> I'm just wondering if folks could share with me if (and how) they have
>> prevented the "SIP Digest Access Authentication RELAY" in their
>> networks (and what worked for them or not).
>> NAT boxes dramatically reduce the scenarios for a successful attack.
>> Otherwise, some might be mitigating the attack by means of forcing UAs
>> to use outbound proxies while others might be reducing the attack
>> incentives by means of message integrity.
>>
>> Any comment would be appreciated,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Practical SIP Hacking - Relay Attack.pdf
Type: application/pdf
Size: 125265 bytes
Desc: not available
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20090115/391c0300/attachment.pdf>
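The proxy-side half of the mitigation described in the quoted reply above (remove the client's credentials before forwarding to other parties), as an added example that is not part of the original thread and not Kamailio's code. The function names, the policy of matching on the proxy's own realm, and the sample request are assumptions constructed for illustration.

```python
import re

# Headers that carry digest credentials (RFC 3261); names are case-insensitive.
CRED_HEADERS = {"authorization", "proxy-authorization"}
REALM_RE = re.compile(r'realm\s*=\s*"([^"]*)"', re.IGNORECASE)

def unfold(header_lines):
    """Join folded header lines (a continuation starts with space or tab)."""
    out = []
    for line in header_lines:
        if line[:1] in (" ", "\t") and out:
            out[-1] += " " + line.strip()
        else:
            out.append(line)
    return out

def strip_local_credentials(message, local_realm):
    """Return the SIP request with credentials for local_realm removed."""
    head, sep, body = message.partition("\r\n\r\n")
    start_line, *headers = head.split("\r\n")
    kept = []
    for h in unfold(headers):
        name, _, value = h.partition(":")
        if name.strip().lower() in CRED_HEADERS:
            m = REALM_RE.search(value)
            # Assumed policy: drop credentials for our own realm, and fail
            # closed on a credential header with no parsable realm.
            if m is None or m.group(1).lower() == local_realm.lower():
                continue
        kept.append(h)
    return "\r\n".join([start_line, *kept]) + sep + body

# Constructed sample request: one folded credential for the proxy's realm
# (example.org) and one credential for a downstream realm (example.net).
SAMPLE = "\r\n".join([
    "INVITE sip:bob@example.net SIP/2.0",
    "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bKconstructed",
    "From: <sip:alice@example.org>;tag=1",
    "To: <sip:bob@example.net>",
    "Call-ID: constructed-1@192.0.2.10",
    "CSeq: 2 INVITE",
    'Proxy-Authorization: Digest username="alice",',
    ' realm="example.org", nonce="n1", uri="sip:bob@example.net", response="aa"',
    'Authorization: Digest username="alice", realm="example.net", nonce="n2", response="bb"',
    "Content-Length: 0",
    "", "",
])

if __name__ == "__main__":
    print(strip_local_credentials(SAMPLE, "example.org"))
```

This only covers requests that actually pass through the proxy, which is why it is paired with forcing the outbound proxy on the client.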