SIP に係る 既知の脆弱性に関する 調査報告書 改訂第 3 版
Contents
1. DoS2. OD CO S8SIP SIP 12 3 1
3. 4 9 3 Web
4. 4 9 6 SIP RTP Codenomicon SIP RFC4475 SIP
5. URLL CVSS CVSS v2 Base Metrics SIP 3 1 5 I 1
6. IP TCP IP RE IPA TCP IP SIP PSTN TP 1IP PBX
7. CSeq Cseq 100 SIP 3 18 Call ID SIP SIP SIP REGISTER Cal ID 1234567 REGISTER CSeq 1 Cal ID 1234567 CSeqg 10 REGIS TER Call ID 1234567 CSeq 2 CSeqg 2 lt 10 500 Server Internal Error 13 1 Call ID Cseq 13 3 1 IPsec SSL VPN STP 2 SIP RTP
8. SSRC SSRC RTP SIP RTP 32bit SSRC SSRC SIP RTP SSRC RTCP BYE SSRC RTP gt RTP 8 2 Collision Resolution and Loop Detection RFC3550 http tools ietf org html rfc3550 section 8 2 RTCP BYE SIP RTP RTCP BYE
9. 86 SIP 3 10 RTCP HH PC LSR DLSR V P RC PT 10 4 RTCP 1 RTCP BYE RTP RTP SSRC SSRC SGynchronization Source Identifier
10. SIP 3 20 SIP TLS TLS TLS 2 21 SRTP SRTP SIP SDES SRTP RTP SRTP DTTLS SRTP Framework 22
11. 17 3 1 1 115 SIP 3 J 17 17 4 2006 9 Hacking VolP Phones 802 11b g Wireless amp Wired http Www 1o com shawnmer Yonpsecexp noconname 2006 Merdinger df 2006 7 Hacking VolP Exposed http www blackhat com presentations bh usa 06 BH US 06 Endler pdf 2005 11 Cisco 7920 Wireless IP Phone VxWorks Remote Debugger Access Vulnerability http www securityfocus com bid 15456 2007 10 Debugging with GD
12. SIP RTP 4 6 SIP SIP SIP 8SIP SIP STP SIP
13. 16 1 SIP SIP INVITE Via SDP c IP Via SIP IP SIP SIP S8SDP c SIP 5 SIP SS 9 SPP 192 168 0 10 c IN IP4 127 0 0 1 16 1 SIP SIP 111 SIP 3 16 IP SIP
14. 95 SIP 3 12 3 SQL SQL 3 S0
15. 4 RTP RTCP RTP 1 SIP efo SIP 3 10 RTCP RTP RTP RTP H 328 MEGACO TP MEGACO TP 8SIP Yo 0
16. 97 SIP 3 5 SIP H8 SIP 3 1 SIP 1 SIP 1 1 SIP 1 1 SIP SIP SIP SIP SIP N gt sip__ 3 a 4020
17. 2 7 2
18. SIP RTP IP SDP Session Description Protocol SIP UDP TCP
19. 29 SIP 3 ARP Ethernet HHA VRRP ARP Ethernet Fail Overy ARP Ethernet VRRP HA
20. 1 F I F IF STP TFTP
21. Java NET C C VM CPU C C 4 9 5 Puzzing 7Tolerance PROTOS Test Suite c07 sip
22. 22 3 1 SRTP VBR CBR 2 SRTP VBR 1 SRTP VBR 2 2 VBR 3 SRTP RTP VBR 142 SIP 3 22
23. SRTP RTP SRTP 76 SIP 3 8 RTP 8 4 1996 1 REC1889 RTP A Transport Protocol for Real Time Applications I 9 Securty http tools 1etf org htmlrfc1889 section 9 2003 7 REC3550 RTP A Transport Protocol for Real Time Applications 9 Securty http 7tools 1etf org htmlrfc3550 section 9 2003 7 RFC3551 RTP Profile for Audio and Video Conferences with Minimal Control http tools ietf org html rfc3551 http tools ietf org html rfc3711 2004 8 RFC3830 MIKEY Multimedna Internet KEYing http tools 1etf org html rfc3880 http tools ietf org htmlrfc4347 2007 6 3GPP TS 833 203 3 security Access securty for IP based se
24. 7 2 SIP SIP URI 7 1 MESSAGE 1 Ni SIP MESSAGE gt 200 OK 7 1 SIP 7 1 SIP 3 7 SIP 7 1 SIP INFO INFO DTMF
25. 1IP RTP 1IP 4ms 50ms RTP RTP
26. 135 SIP 3 21 SRTP 21 SRTP 21 1 8 RTP RTP SRTP Secure RTP SRTP STP SDP SIP SDP SRTP SIP SRTP
27. Web 124 SIP 3 19 ID Web 1D IP SIP Web 2 Web
28. 404 Not Found SIP 3 2 SIP 2 4 CANCEL 2 272 3 Ta my lt S SS SIP SIP INVITE 100 Trying SIP CANCEL 404 Not Found 200 OK ACK 487 Request Terminated 2 4 404 Not Found SIP HTTP SIP SIP STP Authentication Info SIP SIP
29. INVTTE ACK PRACK PRACK 1 6 SIP INVITE 183 Session Progress SIP 183 Session Progress PRACK SIP STP 183 Session Progress SIP PRACK SIP 500 Server Internal Error SIP 183 Session Progress STP
30. HTTP Web Web GUI SNMP GUI Web XML SNMP UDP CPU TP SNMP IP
31. SIP STP Web Web Web Web SIP RTP SIP 3
32. SIP RTP SIP 4 MM GSG SIP 3 IPv4 TCP SIP SIP SIP RTP TCP IP
33. 64 SIP 3 6 DoS SIP 6 DoS SIP 6 1 DoS Denial of Service DDoS Distributed Denial of Service SIP SIP 2 PS SA 12 DoS SIP SIP 6 2 Do8
34. SIP C strcpy gets C C C C SIP RTP C C O
35. RTP CELP Code Excited Linear Prediction CELP CELP CELP 141 SIP 3 22 SRTP
36. MCN 0 0 16 3 1 IPsec SSL VPN STP 2 SIP RTP 3 4 SIP ST RM 1 Secure SIP SIP over TLS 2 IP 112 SIP 3 16 IP SIP IP
37. TLS 133 SIP 3 20 8SIP TLS 20 4 2003 10 CA 2003 26 Multiple Advisories jm SSL TLS Implementations http www lac co jp info cert_advisory ca 2003 26 html ASN 1 OpenSSL SSLeay 2003 11 RFC 3647 X 509 PKI http www 1pa go jp security rftc RFC3647JA html RFC 3647 Internet X 509 Public Key Infrastructure Certificate Policy and Certification Practices Framework http tools ietf org html rfc3647 2006 4 REC4347 Datagram Transport Layer Security DTLS http www1 tools ietf org htmlrfc4347 2006 9 Peer Authentication Vulnerability In Ingate Products SIP Over TLS X 509
38. 13 SIP Call ID 14 SIP 15 SIP SIP SIP 16 SIP RTP 16 SIP RTP SIP HTTP HTTP S8STIP RTP 2
39. CVSS CVSS v2 10 SIP 3 2 SIP SIP SIP 2 1 SIP SIP IP IETTF SIP RFC3261 SIP TP
40. RTP RTP TP RTP TU TT SSRC CSRC V M P PT X SSRC CC CSRC CSRC 9 2 RTP RTP
41. SIP 6 3 1 2 SIP RTP 3 1 IP SIP 1 SIP TP 6 4
42. SIP RTP SIP RTP IP Ethernet SIP RTP SIP RTP SIP RTP Web IP 4 7 2 IP SIP RTP
43. 1 Secure SIP SIP over TLS EE 2002 6 RFC3261 SIP Session Initiation Protocol http tools ietf org html rfc3261 2002 6 RFC3262 Reliability of Provisional Responses in the Session Initiation Protocol SIP http tools ietf org html rfc3262 2002 6 RFC3265 Session Initiation Protocol SIP Specific Event Notification http tools ietf org html rfc3265 2000 10 RFC2976 The SIP INFO Method http tools ietf org html rfc2976 http tools ietf org html rfc3311 2002 12 RFC3428 Session Initiation Protocol SIP Extension for Instant Messaging http tools ietf org html rfc3428 RFC3515 The Session Initiation Protocol SIP Refer Method http tools ietf org html rfc3515 2004 10 RFC3903 Session Initiation Protocol SIP Extension for Event State Publication http tools ietf org html rfc3903 2007 9 OMA Push to talk Over Cellular V1 0 2 Approved Enabler http www openmobilealliance org release program poc v1 O html 71 SIP 3 7 SIP 7 5 CVSS ES
44. SNMP 125 SIP 3 19 ID SNMP IG SIP SNMP 3 SIP
45. 17 2 GDB GNU Source Level Debuggery OS VxWorks 1 2 3 114 SIP 3 TELNET TCP VxWorks 17 1
46. CA REC 3647 132 SIP 3 20 8SIP TTLS 1 TLS 2 3 RFC 5246 TLS 1 2 Appendix D Implementation Notes Appendix E F TLS ASN 1 AES SHA1 TLS
47. 102 SIP 3 14 14 14 1 14 2 SIP 9 a R nonce opaque SIP REGISTER 407
48. SIP SIP SIP 2 2 0 Ni nonce SIP MD5 MD5
49. 2 3 4 SIP RTP Fuzzing IDS8 9 1 2 3 97 SIP 3 12
50. 8IP RTP SIP RTP CUP 0 Ethernet VLAN 802 1X LAN SSID VPN SU SIP 3 SIP RTP Ethernet
51. H6 SIP 3 4 9 9 AJAX Web 2 0
52. SIP YS SLP 6 19 4 2007 2 RSA Conference 2007 Exploiting Voice over IP Networks http www hackingvop com presentations RSA 202007 pdf 2006 12 Hacking VolP Exposed Vonce over IP Security Secrets amp Solutions David hndler and Mark Collier McGraw Hill Professnonal Pubhshnng ISBN 0072263644 http Wwww hackingexposedvo1p com 2003 DefCon 11 Watching the Watchers Target Exploitation via Public Search Engines http www deftcon org nmages detcon 11 dc 11 presentations dc 11 Long dc 11 long ppt 2007 6 A Framework for Reducing Spam for Internet Telephony http wwwr tschofenig com svn draft tschofenig spit prevention framework draft tschofenng snppnng framework spt reduction 00 txt 2006 12 Hacknng VolP Exposed David Endler and Mark Colher for BlackHat 2006 http www blackhat com presentations bh usa 06 BH US 06 Endler pdf 127 SIP 3 19 ID
53. SIP SIP RTP 8 1 RTP RTP RTP 73 SIP 3 8 RTP 1 IP
54. IREE 802 8 Xerox DEC LAN Pa PANE 5 tag Fiber To The Home ITU T PCM 64kbps High Availabihty Hypertext Transfer Protocol Web Web HTML Interface Internet Control Message Protocol TCP IP
55. 4 4 9 4 9 1 12 RN 8 SIP
56. IP 200 OK SIP 2 2 STP TINVITE SIP 100 Trying SIP STP 200 OK SIP STP SIP CANCEL SDP 4 SIP SIP SIP INVITE 100 Trying SIP i CANCEL 200 OK 200 OK FR 487 Request erminated __ ___ 2 2 200 OK
57. SRTP DTLS SRTP SRTP STP SIP RTP DTLS SRTP framework REC 5763 Framework for Establishing a Secure Real time Transport Protocol SRTP Security Context Using Datagram Transport Layer Security DTLS 21 3 1 SIP SRTP RTP SIP VLAN 2 SIP TLS DTLS TIPsec 1 RTP SRTP SIP TLS DTTLS IPsec
58. IC IPA JPCERTAW a 4 3 2 LAIST meee Web JPCERT CC JPCERT 113 6591
59. 4 9 7 SIP RTP Web SQL Web PA 4 9 8 SIP RTP
60. IMS TPsec 1Psec oD IMS IPsec IPsec SIPS SRTP MS ON TIR TLS CO A IPsec OS ia 4 7 4 PS Intrusion Prevention System
61. SPIT SPIT IETF A Eramework for Reducing Spam for Internet Telephony 4 SIP ID SIP SIP SIP SIP SIP SIP TLS IPsec 5 SIP ID SIP 8SIP
62. T1Psec IP SRTP RTP 137 SIP 3 21 SRTP SRTP RFC 4568 SRTP SDP SIP SDP a a crypt sDescription SDES RFC4568 SRTP RFC4568 SDP
63. SIP 1 22 26 SIP 3 4 4 1 SIP SIP IV 1 4 SIP SIP SIP atlanta com SIP biloxi ecom SIP SIP SIP
64. 2007 7 SIP RTP Hacktool Sipbotl Fuzzing Fuzzing 94 SIP 3 12 2 INVITE S1D S1DS 3AuSer 40example comGeexample net STP 2 0 To S1D 586G 72ZGexamp1e Com From S1D 20have 20spacesGexample net gt tag 938 Max Forwa
65. 24 SIP 3 NI 2 Presentity Subscriber Watcher 1 19 3 3 NGN NGN Next Generation Network IP SIP NGN 3 8GPP IMS TP Multimedia Subsystem IMS SIP NGN SIP CC
66. 3ntitle URL murl S8STP SIP
67. RTP CNAME RR A RTCP SDES CNAME RTCP RTCP SDES RTCP BYE SSRC 3 RTCP RTCP RTCP RR RTP RTOP RR SSRC SSRC
68. IP SIP SIP SIP TIMS NGN TP IP IP PBX SIP SIP 4 3 IP
69. CVSS 26 CVSS 2 W 61 SIP 3 5 5 5 1 SIP TLS TCP TCP SIP TLS UDP 5 2 SPX TORUDP 4 es TLS TLS
70. 2 3 4 HTTP WRB 120 SIP 3 18 18 4 2005 5 Vulnerabilities in SOHO VoIP Gateways Peter Thermos and Guy Hadsall The VoPSecurnty org Forum http wwwr vopsecurty org papers Securnty_lssues_ with SOHO VolP Gate ways 052005 pdf I F VOIPSA VolP Security and Privacy Threat Taxonomy http www voipsa org Activities VOIPSA Threat Taxonomy 0 1 pdf VoIP OS TCP IP Hacknng VolP Exposed David Endler and Mark Colher for BlackHat 2006 http www blackhat com presentations bh usa 06 BH US 06 Endler pdf SNMP
71. 7C 12 13 16 SIP RTP
72. CELP QCELP Speex VBR VAD VBR VBR 90 IVBR Winny Skype P2P
73. IP IF 2 TFTP TFTP UDP TFTP UDP TFTP TFTP Ethernet IP VLAN
74. MI SIP IP IP NEAR NF a A i VPN VPN lt I SIP SS IP 1 17 TP 23 SIP 3 3 1 2 IP ISP IP SIP ISP VoIP TP SIP TP PSTN I
75. SIP SIP RFC3261 RFC2543 Authentication Info 2 3 1 IPsec SSL VPN SIP 2 SIP RTP 3 51 SIP 3 2 SIP 1 Secure SIP SIP over TLS 2 Authentication Info 2 4 2002 6 RFC3261 SIP Session Initiation Protocol 8 1 3 Processing Responses http tools ietf org html rfc3261 section 8 1 1 3 2 5 CVSS II
76. CA CA CA CA SIP SIP CA CA 1 131 SIP 3 20 8SIP TLS
77. SIP REGISTER RESUEIN 401 401 Unauthorized REGISTER 0 200 OK I 1 12 REGISTER 401 Unauthorized HTTP SIP 2 0 401 Unauthorized Via SIP 2 0 UDP pc33 example co p 5060 branch z9hG4bK7e010369 From sip alicedexample co p tag 1008141161 To sip alicedexample co o s tag 1099012396910 Call ID 2c8e0369 75671fF481397401d8E6508d51ae92a1dcGpc33 example Co Jp CSeq 1 REGTSTER WWW Authenticate Digest realm unknown nonce 8a8aeeb697577e 338dae62dc442149b8d opadue qop auth stale FALSE algorithm MD5 Content Length 0 I 1 13 REGISTER 20 SIP 3 REGISTER HTTP REGISTER S12 1 OZ UIOUOGU SIP 2 0 Via SIP 2 0 UDP pc33 example co p 5060 branch z9hG4bK6ee70373 Max Forwards 70 To S1p al1ceQGexamp1e CoO Dp From S1p alioeGexample Co p tag 1008141161 Call IDs 2c8e0369 75671fF481397401d8
78. 8 1 2 SIP 3 SIP 4 3 1 IPsec SSL VPN STP 2 SIP RTP 3 IP SIP IP ARP DNS 1 Secure SIP SIP over TLS 2 S MIME End to End 60 SIP 3 4 8IP 4 4 2002 6 REC3261 SIP Session Initiation Protocol http tools ietf org htmlrfc3261 2006 7 REC4566 SDP Session Description Protocol http tools etf org html rfc4566 4 5 CVSS
79. 3 1 IP VoIP 3 1 1 IP P SIP a IP le PBX SIP TP IP IP PSTN IP PC TP LAN SIP SIP
80. IP ID I 1 1 1 7 SIP SIP SIP 1 2 SIP SIP SIP 4 SIP 5 TLS SIP SIP 14
81. RTP RTP 5 RTP RTP RFC1889 1996 1 9 Security 9 2 Authentication and Message Integrity 2003 7 RTP RFC3550 RTP RTP SRTP SRTP SRTP SIP TLS DTLS SRTP SRTP DTLS RTP
82. SIP SIP 19 3 1 Ethernet VLAN 126 SIP 3 19 ID SIP LAN 2 IPsec STP IPsec SIP SIP 3 SIP SIP SIP SIP STP
83. SIP REGISTER INVITE SIP SIP 7 SIP 8 10 RTP Real tme Transport Protocol RTCP RTP Control Protocol SIP 3 8 RTP 9 10 RTCP 11 RTP
84. RTP RTP RFC1889 1996 1 9 Security 9 1 Confidentiality RTP RTP DES IPsec RTP RFC1889 RFC3550 RTP SRTP Secure RTP PE RTP SRTP HH 0 OO 2004 MIKEY RFC3830 SRTP SDP TP
85. RTP 4 DRM Digital Rights Management DRM RTP RTP SRTP 8 3 1 SIP RTP 2 IPsec SSL VPN SIP RTP 1 Secure RTP SRTP RTP SRTP 2 RTP SRTP
86. 8IP SIP INVITE 200 OK ACK 3 TINVITE 1xx INVITE SIP UAS 200ms SIP SIP INVITE En 100 Trying 100 Trying 180 Ringin 180 Ringing ks I 1 8 INVITE 2 4 3 BYE INVITE 200 OK ACK BYE BYE BYE 200 0K SIP SIP I 1 9 BYE 18 SIP
87. RTP RTP DTMTF VoIP RTP RTP
88. 1 SIP SIP ss hh ee ho ho le 1 2 3 12 1 1 ASOII 1 12 2 SIP SIP 1
89. 2008 IO PSTN IP PBX SIP RTP Web 8QL XSS XSRE KW 2010 7 50607UDP SPY 5060 UDP SIP 1 2 SR CC NN
90. SIP SIP SRTP SIP 138 SIP 3 21 SRTP TLS UDP DTLS RFC 4347 Datagram Transport Layer Security SIP SRTP DTLS SRTP Datagram Transport Layer Security DTLS Extension to Establish Keys for the Secure Real time Transport Protocol SRTP http tools ietf org html rfc5764 DTLS SRTP TLS SRTP SRTP DTLS DTLS
91. SUBSRIBE PUBLISH SIP URI ID 70 SIP 3 7 SIP 7 3 1 IPsec SSL VPN STP 2 SIP RTP 3
92. SIP RTP SIP RTP TPS SIP RTP Hl SIP 3 4 7 5 SIP RTP SBO Session Border Controlley SBC SIP SIP RTP SBC SIP DoS
93. SIP 1 Ethernet 2 Ethernet 3 CC Ethernet IP ARP IP Ethernet
94. 4 9 2 SIP RTP TP
95. ID SIP 1D ID REGISTER ID ID REGISTER SIP TD TD SIP ID SIP ID OPTIONS SIP SIP ID
96. SIP 1P 1MS NGN 1IP ALL IP AIPN All IP Network SIP IP SANS 20 VoIP VoIP VoIP SIP 2006 2007 TP
97. 2 lt RTP G 711 8 000 8 711 PCM 64Kbps CBR Constant Bit Rate VBR JPBEG MPEG
98. CRL gt Q VLAN VoIP lt Tl TD X 509 PGP Phil Zimmerman RTP To From Call TD 149 ZRTP SIP SDP Session Description Protocol LAN
99. DO G 711 64Kbps PCM RTP IP 4 8Kbps 4 lt 8Kbps
100. 4 4 JPEG INVITE JPEG 59 SIP 3 4 SIP TNVTTE sip bobGbi1oxi example com STP 2 0 Via STP 2 0 TCP c1ient at1anta examp1e com 5060 branch z9hG4bK74b43 Max FOrwards 70 From Alice lt S1p alioeGatlanta examp1e Com gt tad 9fFxoed76s1 To Bob lt g81p DobGDb11Ox1 GXxamp1e Com gt Cal TD 3848276298220188511Gat anta example Com CSed 1 TNVTTE Contact sip alicetcl ent sat lantasexamp le Com an SDO CD gt Content Disposition render Content Type image jpeg name img10192419528 pg Content Transfer Encoding base64 Content Length 951 9 4AAOSkZJRgABAqgEASABTAAD 2wBDAAYEBAOEBAYEBOYJBqJUGCOs TBqYTCwwKCgsKCgwO DAwMDAwMEAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAz 2wBDAOcHBw0MDRgOEBgUDg4O 4 4 JPEG SIP
101. ROHS 18P 2 2007
102. 180 200 401 407 SIP 65 SIP 3 6 DoS SIP Sp SP 1 1 1 1 INVITE 6 1 401 407 Via 1 1 1 1 2 SIP SIP 6 2 SIP INVITE SIP IP 1 1 1 1 SIP Route SIP SIP SIP Route SIP URI
103. 8RTP 61 SIP 3 9 RTP 9 3 1 RTP SIP RTP 2 TPsec SSL VPN SIP RTP RTP 1 RTP SRTP SRTP 8 RTP 8 3 OS 9 4 2006
104. SIP 96 SIP 3 12 6 SIP SIP 7RTP REC
105. a S MIME SIP SDP IPsec SIP SRTP 1 RTP RTP 8 SRTP SIP SIP STP SIP SIP SRTP SIP 1 1 SIP SRTP RTP
106. 180 Ringing SIP 180 Ringing PRACK SIP 180 Ringing 180Ringing PRACK SDP SIP 183 Session Progress 183 Session Progress SIP 500 Server Intermal Error 180 Ringing 180 Ringing 180 Ringing 180 1 6 PRACK 44 SIP 3 1 SIP SIP i SIP STP
107. 2 IPsec SSL VPN STP 3 SIP RTP 4 1 REC TCP RST ICMP Protocol Unreachable UDP 5 4 2002 6 REC3261 SIP Session Initiation Protocol 18 1 1 Sending Requests http tools ietf org html rfc3261 section 18 1 1 2007 3 Sipera SIP compliant clients may be vulnerable to transport rollback vulnerability http www sipera com index php action resources threat_advisory amp tid 178 amp 5 5 CVSS m CVSS 26 CVSS
108. ES CVSS CVSS 83 SIP 3 10 RTCP 10 RTCP 10 1 RTP RTP RTCP RTP SIP SIP SS SN RTP SS SS 1 RTCP BYE 2 RTCP SDES 3 RTCP SIP 10 1 RTCP
109. SIP RTP 17 TP TIP 18 IP TP 19 ID ID
110. Web SIP RTP SIP RTP SIP7RTP HTTP SQL SIP RTP 18 IP SIP RTP
111. 119 SIP 3 18 WEB XSS SQL SIP TP 3 TP 4 Web 2 CR TP
112. RTP RTCP RTCP IP RTCP RTP RTP UDP 2 2 SIP SIP SIP UA SIP SIP UA SIP SIP SIP IP
113. 1 INVITE SDP SDP 4 1 INVITE 200 SDP OO 7 SIP 3 4 8SIP 192 0 2 101 192 0 2 201 SIP 5963 a 5963 4 1 SDP 3 v 0 o alice 2890844526 2890844526 IN TP4 client atlanta example com C IN TP4 192 0 2 101 t 0 0 m audio 49172 RTP AVP 0 a rtpmap 0 PCMU 8000 2
114. RTP TP IP TVR i SRTP RTP Ne SO 2 RTP RTP RTCP Realtime Control ProtocoD RTP RTP RTP RTCP lt 10 RTCP 1 RFC4568 SDES SRTPIREC3711 RTP
115. SIP SIP URI SIP SIP 1 1 1 1 INVITE sip alice example com Route 1 1 1 1 INVITE sip alice1 9example co Route 1 1 1 1 INVITE sip alice2 9example co Route 1 1 1 1 alice 222 6 2 8TP 66 SIP 3 6 DoS SIP SIP SIP 8STIP SIP
116. TO OO AA 0 913919128 913918973 913918818 7367 7366 7365 SIP lt SIP gt J a i a i RTP 2 RTP 0 gt 913922658 7389 2 913922818 4 4 6 7390 RTP RTP RTP 913922978 7391 SIP 9 1 RTP 9 2 9 1 RTP RTP RTP
117. SIP 1 SIP STP 2 SIP 3 SIP SIP CANCEL SIP CANCEL SIP 401 407 CSeq 1 CANCEL CSeq INVITE INVITE CSeq CSeq 1 INVITE CANCEL CSeq 1 CANCEL 401 Unauthorized
118. 2 IPsec SIP RTP TPsec 139 SIP 3 21 SRTP 21 4 2003 7 REC3550 RTP A Transport Protocol for Real Time Applications 9 Securty http tools 1etf org htmlrfc3550 2004 3 REC3711 The Secure Real time Transport Protocol SRTP http tools ietf org html rfc3711 2006 4 REC4347 Datagram Transport Layer Security DTLS http tools 1etf org html rfc4347 Erratta http wwwr rfc editor org errata_search php rfc 4347 DTLS SRTP Key Transport http tools ietf org html draft wing avt dtls srtp key transport 2010 5 RFC5764 Datagram Transport Layer Security DTLS Extension to Establish Keys for the Secure Real time Transport Protocol SRTP http tools ietf org html rfc5764 2010 5 REC5763 Framework for Establhshing a Secure Real time Transport Protocol SRTP Security Context Using Datagram Transport Layer Security DTTLS http tools 1etf org htmlrfc5763
119. Appendix D 3 d TLIS TLS 1 2 ServerHello Appendix D 4 TLS DES DES draft ietf tls de IDEA IDEA s 1dea 2 IT 20 3 1 TLS TLS
120. IL 1 4 SIP 2 3 SIP HTTP SIP 1 4 14 SIP 3 SIP SIP IL 4 OC INVITE SiDSBObABI TSX com SIP 2 0 EAN TA WS SNP2 0 UDB BE AE CN branch z 9hG4bK776asdhds ot BOD THSbUBILLOXL Com gt From Alice lt alrceGdatlanta cCom gt j ta9g 1928301774 Call ID a84b4c76e66710Gpc33 a 1anta Com CSed 314159 TNVITTE Max EOrwarQds 70 Date
121. SIP TLS SIP TLS ARP DNS SIP SIP TLS SIP STP TLS TLS S8TP SIP 20 TTLS S8SIP SIP SIP REGISTER SIP SIP STP VAR 1
122. STP IDS 1 SNMP IP 2 TLS IPsec STP TLS IPsec SIP 3 ID SIP 1TD SIP 4
123. re INVITE 1 4 SITP re INVITE SIP INVITE SIP SIP SIP STP SIP BYE SIP re INVITE re INVITE Oontact SDP SIP IP SIP SIP SIP SIP INVITE SIP hl 200 OK INVITE
124. MIKEY MIKEY SIP RTP 2 ZRTP ZRTP Media Path Key Agreement for Secure RTP PGP Phil mmerman RTP 9 ZRTP RTP RTP RTP RTP RTP RTP SIP RTP RTP CZfone 3 RTP over DTLS
125. robots txt Web robots txt robots txt Web 2 SNMP SNMP SNMP SNMP
126. Identifier The Internet Engineering Task Force SIP SIP Internet Protocol OSI Security Architecture for Internet Protocol IP VoIP 146 JPEG MAC MEGACO MESSAGE 1 MIKEY MIIM MPEG NOTIFY UO EE PPPoA PPPoE PRACK PUBLISH QCELP REFER REGISTER re INVITE response RFC RLOGIN Interactive Voice Response Japan Vulnerability Notes
127. SBC RFC5853 1 4 8 SIP 4 8 1 SIP TLS SIP 4 7 1 SIP SIP STIP SIP TLS Transport Layer Security RTP SRTP Secure RTP TLS SRTP SIP Am
128. 3 1 REC Call ID 2 CSeq CSeq 13 4 2002 6 RFC3261 SIP Session Initiation Protocol 8 1 1 4 Call ID http tools ietf org html rfc3261 section 8 1 1 4 8 1 1 5 CSeq http tools ietf org html rfc3261 section 8 1 1 5 2006 7 SIP Stack Fingerprinting and Stack Difference Attacks http www blackhat com presentations bh usa 06 BH US 06 Scholz pdf 101 SIP 3 18 Call ID 13 5 CVSS mm CVSS 40 CVSS
129. UPDATE UPDATE REFER INVTTE PoC Push to talk over Cellular REFER MESSAGE MESSAGE PUBLISH NOTIFY
130. sanitization 4 9 4 C C IPA 1 Web
131. 3 8 RTP 8 5 CVSS m CVSS CVSS 78 SIP 3 9 RTP 9 RTP 9 1 RTP RTP RTP RTP
132. Sipera 20 065 20 000 SIP 2 2PN Comprehensive VolP Security for the Enterprise CVE Common Vulnerabilities Rxposures JVN 2007 8 1 9 24 JVN 100 381 2 08 FAN SIP Pe
133. 8 SIP SIP SIP Pe SIP or atlanta com biloxi com SIP SIP SW mm SIP SIP RTP SIP SIP IV 1 23 SIP 4 2 IP IP STP IP
134. 84 SIP 3 10 RTCP RTP SIP STIP RTP RTP RTCP BYE SIP SIP SIP S8SIP TP RTP TP SSRO 1 SSRC 2 SSRC n V P
135. DTMF 2 3 RTP TP IP 1VR I RTP RTP 1ETTF Audio Video Transport avt IETF Audio Video Transport avt http ietf org html charters avt charter html RTP RTP RTCP Realtime Control Protocol RTP RTP RTP RTCP lt 10 RTCP
136. 3 2 4 4 INVITE 3xx INIVTE ACK SIP SIP lt a A INVITE 100 Trying 100 Trying 180 Ringin 180 Ringing sks 603 Decline tk Si ai v FT 5 4 1 III L 1 IN eR LL ud M 3 NM 6 603 Decline ACK ACK I 1 10 2 4 5 CANCEL CANCEL CANCEL 200 OK CANCEL INVITE 487 ACK SIP SIP as INVITE INVITE 100 Trying 100 Trying 180 Ringin 180 Ringing CANCEL CANCE
137. 2010 7 5060 UDP http wwwr npa go p cyberpohce detectpdf 20100714 pdf UDP 5060 OPTTONS 128 SIP 3 20 SIP TLS 20 SIP TLS 20 1 TLS TLS TLS 6 SIP SIP SIP SIP TLS gt EE TLS Client Hello _ Server Hello Server Hello TLS Client Key Exchange TL
138. CSeq 1 CANCEL INVITE CSeq 1 CSeq 1 INVITE CSeq CSeq CANCEL CSeq 1 CANCEL 401 Unauthorized Mei CSeq 1 CANCEL CANCEL CSeq 2 CANCEL 1 7 CANCEL Cseq 100 Trying CSeq 1 INVITE 45 SIP 3 1 SIP 1 3 1 IPsec SSL VPN SIP 2 SIP RTP 3 1 S MIME End to End CANCEL UA UA end to end S MIME
139. SIP RTP 5 SIP SDP RTCP CODEC DNS ENUM 18 1 SIP 117 SIP 3 18 1 SIP Web HTTP
140. SIP RTP SIP IP SIP IP RTP IP SIP URI STP REGISTER SIP RTP UDP NTP TP TFTP IP STUN IP SNMP SNMP DHCP IP IP DNS TP 123 SIP
141. SIP 93 SIP 3 12 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa S1ip thereG10 10 10 10 STP 2 0 Via STP 2 0 UDPB 10 10 1 1 5066 From 0 lt S1D me10 10 1 1 gt ag O To Receiver S1p thereG10 10 10 10 gt Call ID 1610 10 1 1 CSeq 1 INVITE Contact 0 lt S1p meG 10 10 1 1 gt Expires 1200 Max Forwards 70 Content Type application sdp Content Length 128 INVTITE v 0 o 0 0 0 IN IP4 10 10 1 1 s Session SDP c IN IP4 10 10 1 1 t 0 0 m audio 9876 RTP AVP 12 2 SIP SIP RTP
142. 4 SIP ID 118 SIP 3 18 ID
143. DES SRTP AES Advanced Encryption Standard LAN 2 AES SRTP 2007 8 SRTP SRTP SIP SDP crypt sDescription SDES Y SDP SDP SIP TLS TPsec SIP SDP SRTP SRTP
144. TLS SRTP SIP TLS SRTP 8 RTP 1 SIP over TLS over TCP SIP RFC3261 2 SIP TCP TLS 2 DTTLS SRTP Framework SIP RTP SRTP SRTP UDP TLS DTLS REC4347 Datagram TLS 83 REC5763 2 IPsec SSL VPN SIP RTP 1 RFC5853 Requirements from Session Initiation Protocol SIP Session Border Control SBC Deployments http tools ietf org html rfc5853 2 RFC3261 SIP 26 4 3 TLS http tools ietf_org htmlrfc326 section 26 4 3 3 DTLS OpenSSL 0 9 8 http op
145. 3 SIP 4 SIP SIP ID 5 SIP TID 19 2 1 SIP ITP ID SIP SIP DNS NTP
146. NIST 2010 MD5 256bit SHA1 SHA2 3 3 SIP SIP 1 IPsec SSL VPN SIP 2 SIP RTP 3 1 Secure SIP SIP over TLS SIP 3 3 SIP 2002 6 RFC3261 SIP Session Initiation Protocol 22 Usage of HTTP Authentication http tools ietf org html rfc3261 section 22 1999 6 RFC2617 HTTP Authenticatnon Basic and Diges
147. RTP SIP RTP STP TLS SRTP STP STIP 4 7 4 7 1 SIP RTP
148. SIP IP 1 Request URI 2 Via 3 Contact 4 Route 5 Record Route 6 SDP c 1 3 4 SIP SIP 2 SIP STP 5 Route SIP SIP 6 SIP STP SIP SIP 40
149. H 323 RTP RTP Pk SIP RTP RTP SIP SDP SIP RTP RTP RTCP SSROC RTCP BYE 2 RTCP SRTP 10 3 1 RTCP SIP RTP 2 RTCP IPsec SSL VPN
150. 1 SDP 1 G 711 G729 H 261 H 264 HTTP SMTP POP3 DNS pep SSLTLS UDP TCP Ethernet IEEE802 3 Wireless IEEE802 11 etc I 1 2 SIP HTTP SIP 11 SIP 3 I 2 SIP SIP SIP STP SIP
151. 21 2 SIP SIP SIP B _ SIP A SIP B SIP B SRTP SIP SRTP SRTP SRTP 21 1 SIP SRTP SRTP 136 SIP 3 21 SRTP SIP SIP IP INVITE 200 OK SDP a crypt SRTP a crypt 21 2
152. 28 8 16 http WWW ipa 90 jD TEL 03 5978 7527 FAX 03 5978 7518 http www ipa go jp security W eb
153. username uri realm nonce opaque nc cnonce nc 1 2 response 2 cnonce 3 nonce opaque 4 Secure SIP SIP over TLS 105 SIP 3 14 14 4 RFC2617 HTTP Authentication Basic and Digest Access Authentncation http tools 1etf org html rfc2617 RFC8261 SIP Session Initiation Protocol 22 Usage of HTTP Authenticatnon http tools ietf org html rfc3261 section 22 2007 3 Sipera Insufficient integrity checks on SIP digest authentication messages http www sipera com index php action resources threat_
154. INVITE CANCEL SIP SIP UDP INVITRE IP CANCEL 41 SIP 3 1 SIP 3 re INVITE re INVITE INVITE INVITE
155. 3 SIP HTTP 1 1 I 6 100 16 SIP 3 I 7 100 Tryimg 180 Ringing 2xx 200 200 OK 202 Accepted 3xx 300 300 Multiple Choices 301 Moved Permanently 400 Bad Request 401 Unauthorized 5xx 500 500 Server Internal Error 501 Not Implemented 6xx 600 600 Busy Everywhere 603 Decline
156. IP SRTP VBR Variable Bit Rate 2008 3 VBR 90 50 VBR RTP
157. PPP over Ethernet PPP thernet SIP SIP Qualcomm s Code Excited Linear Prediction CDMA CELP SIP SIP contact SIP Request For Comment IETF UNIX 147 ROHS Restrction of the Use of Certain Hazardous Substances in Electrical and Electronic Equipment EU TCP
158. BYE 9 i lt lt SIP SIP INVITE MI ll 200 OK BYE 200 OK 1 5 BYE 43 SIP 3 1 SIP 5 PRACK SIP UDP UDP SIP ACK INVITE
159. 200 OK SIP 200 0K 302 Moved Temporarily 302 Moved Temporarily STP SIP SIP INVITE SIP 100 Trying SIP CANCEL 302 Moved Temporarily 200 OK ACK 487 Request Terminated INVITE 200 OK INVITE 2 3 Moved Temporarily 3 404 Not Found INVITE 404 Not Found INVITE 404 Not Found INVITE SIP URI SIP SIP URI SIP
160. CANCEL UA hop by hop S MIME 2 Secure SIP SIP over TLS TLS TLS SS SIP SIP N SS SS SIP a 3 Ne SIP a SIP 1 8 TTLS 46 SIP 3 1 SIP 2002 6 REC3261 SIP Session Initiation Protocol 10 Regnstratnons http tools 1etf org htmlrfc3261 section 10 13 Initnating a Sess1on http tools ietf org html rfc3261 section 13 14 Modifying an Existing Session http tools ietf org html rfc3261 section 14 15 Terminating a Session http tools ietf org html rfc3261 section 15 22 1 Framework http tools ietf org html rfc3261 section 22 1 2002 6 RFC3262 Reliability of Provisional Responses in the Session Initiation Protocol SIP http tools ietf org html rfc3262 1 5 CVSS 1 II
161. CVSS RTCP BYE RTP CVSS a 91 SIP 3 11 11 11 1 CODEC SIP RTP Web 12
162. RTP SSL Secure Socket Layer TCP UDP TLS SSL VPN Secure Socket Layer Virtual Private Network SSL VPN SSRC Synchronization Source 1dentifier SUBSCRIBE SIP J TCP Transmissnon Control Protocol RTCP S MIME TCP UDP Transmission Control Protocol Internet Protocol TCP IP TCP IP 148 TELNET Trivial File Transfer Protocol TLS Transport Layer Security TCP UDP SSL To UA UAC
163. SIP 2 15 2 15 1 SIP SIP SIP SIP INVITE IP SIP J Pte SIP SIP 9 REGIS TER SIP SIP INVITE INVITE INVITE 15 1 IP STP REGISTER INVITE SIP INVITE STP SIP SIP
164. 1 RFC 4568 a crypt 2 a crypt v 0 o doe 2890844526 2890842807 IN IP4 10 47 16 5 s SDP Seminar 1 A Seminar on he session desctription BrotocoLl u http www example com seminars sdp pdf e doeldexample com Jane Doe C IN TP4 161 44 17 12 127 t 2873397496 2873404696 m video 51372 RTP SAVP 31 a crypto l AES CM 128 HMAC SHAl 80 1nline dORmdmcmVCspeEc3QGZiNWpVLFJhQX1cfHAwJSoj 2 UL m audio 49170 RTP SAVP 0 a CrYDto 1 AES CM 128 HMAC_SHA1 32 inline NzB4dlBINUAvLEw6UzF3WSJ PSdFcGdUJShpX1Z 222011 32 m application 32416 udp wb a orilent portrailt 21 2 SDP RFC 4568 SRTP SRTP SRTP SRTP
165. CVSS 26 3 CVSS 52 SIP 3 3 SIP 3 SIP 3 1 SIP HTTP SIP 02K RR I et SIP 9 SIP SIP SIP 3 1
166. REC 3647 X 509 PKI 2 TLS TLS 2008 9 TLS 1 2 20 1 TLS g TLS TLS 1 2 Appendix D 1 b TLS 1 2 Appendix D 2 c Diffie Hellman TLS 1 2
167. ARP ARP ARP ARP TIPA TCP IP x 21 ARP TCP IP http www ipa go jp security vuln vuln TCPIPhtml 28 SIP 3 LAN LAN Ethernet WEP WPA LAN
168. 8SIP CSeq REC3261 8 1 1 4 Call ID Call ID INVITE Hrom To tag REGISTER REGISTER SIP STP Call ID Call ID REGISTER REGISTER Call ID CSeq CSeq
169. SIP ts SIP Presence Server IP SIP PSTN etc II 1 3 SIP 13 SIP 3 SIP I 2 SIP 1 SIP SIP URI Uniform Resource Identifier Web http www example co p URL Uniform Resource Locator URI SIP URI sip sips sip alice exampe CO D URI SIP SIP SIP
170. SIP SIP UA SIPUA UAC User Agent Client UAS User Agent Server UAS UAC SIP UA SIP IT 3 UAC UAS UAC User Agent Client SIP UAS User Agent Server SIP SIP SIP 8SIP 12 SIP 3 IL 4 SIP SIP SIP Registrar Registration Server UP SIP IP Location Server Me SIP SIP Proxy Server
171. IP STP TETP IP 3 WEB XSS XSRF SQL WEB XS8 XSRE WEB JavaScript WEB WEREB SQL WEB
172. SIP RTP 1 RTCP SRTOCP SRTP hd cits Eg 2 Eee 8 RTP 8 2 69 SIP 3 10 RTCP 10 4 1996 1 2002 2007 3 REOC1889 RTP A Transport Protocol for Real Time Applications http www networksorceryicom enp rfc rfc1889 txt STAKE Inc VolP The Next eneration of Phreaknng http www blackhat com presentations wn usa 02 arkin winsec02 ppt RTP REC3550 RTP A Transport Protocol for Real Time Applications 6 RTP Control Protocol RTCP http tools ietf org html rftc3550 section 6 8 2 Collision Resolution and Loop Detection http tools ietf org html rfc3550 section 8 2 RFC3551 RTP Profile for Audio and Video Conferences with Minimal Control http tools ietf org html rfc3551 TCP IP RTP
173. STP TP 1 3 2 SIP SIP 2 2 1 SIP 1 4 1 1
174. 8SIP SIP 7GD LAN WPA Wi RHi Protected Access IPsec SSL VPN SIP RTP 4 7 3 IP IPsec 3GPP IMSP Multimedia Subsystem 2007 9 IPsec IPsec SIP RTP IP TP IMS SIP P CSCF Proxy CSCF TIPsec ESP ESP Enceapsulating Security Payload IP RTP
175. 8 CANCEL SIP 1 3 STP INVITE Call ID CANCEL CANCEL 100 Trying SIP CANCEL 100 Trying CANCEL SIP 487 Request Terminated SIP 2 nm lt S lt S SIP SIP INVITE SIP CANCEL 487 Request Terminated 1 3 CANCEL REC3261 22 1 Framework CANCEL SIP
176. CVSS v2 CVSS v2 TPA CVSS v2 za 1 JVNiPedia http jvndb jvn jp 2 CVSS v2 1 7 CVSS CVSS v2 CVSS v2 CVSSv2 CVSS v2 1 2 18 19 ID
177. SIP SNMP Simple Network Monitoring Protocol SNMP IP SNMP SNMP SNMP Read SNMP Walk IP 2 SNMP SNMP Write 4 SIP ID SIP SIP SIP URI
178. ID MAC ID SIP SIP SIP 058 3 STP
179. 1 20 NGN SIP 25 SIP 3 3 4 8IP SIP SIP 1 21
180. MTIT Technology Review Technology Review 1899 143 SIP 3 22 SRTP 22 5 CVSS I a EE CVSS CVSS 144 AIPN AJAX ARP ARP Poisoning ARP Spoofing ASQI BYE C Call ID CANCEL CELP CNAME CODEC Contact CSea CVE CVSS DCCP DDoS DES Diffie Hellman DNS 3rd Generation Partner Project 3 SIP Advanced Encryption Standard NIST
181. CVSS 50 CVSS 110 SIP 3 16 IP SIP 16 IP SIP 16 1 SIP IP STP IP 16 2 INVITE SDP 127 0 0 1 Va Contact IP
182. IP 3 UDP TCP 0 1023 well known 8DP nm SIP 16 4 2002 6 RFC3261 SIP Session Initiation Protocol http tools 1etf org htmlrfc3261 2007 3 Sipera Implementation flaws may allow remote attacker to explot 1mproperly handled error conditions http Www s1pera com ndex php 2action resources threat advisory amp tid 185 amp 16 5 CVSS m CVSS 50 CVSS Pi 2 2 113 SIP 3 II 17 17
183. CVSS CVSS 72 SIP 3 8 RTP 8 RTP 8 1 RTP IP 8 2 RTP IP RTP TP
184. 92 SIP 3 12 12 12 1 SIP RTP SIP RTP 12 2 2 SIP STP DoS
185. CVSS 40 REGISTER CVSS REGISTER a 47 SIP 3 2 SIP 2 SIP 2 1 SIP SIP SIP 200 400 300 2 1 STP SIP SIP ey I
186. 00 RUI 73 9 RTP kk 79 10 RTCP kk 84 11 kk 92 12 93 18 Call ID iii 100 14 103 15 IP 108 16 IP SIP 111 17 kk 114 co 117 D 19 ID kk 123 SIP RTP 20 SIP TLS 129 21 SRTP i 136 22 SRTP
187. kk 141 ee 145 SIP 3 SIP 1 1 SIP Session Initiation Protocol H 3823 MEGACO TIETF Internet Engineering Task Force IMS NGN IP TP 2010 6 2 300 FTTH 56 6 TP 2007 LMS NGN
188. 12 4 CVE Common Vulnerabilities Exposures http www mitre org JVN Japan Vulnerability Notes http jvn jp 2003 Security testing of SIP implementations Christian Wieser Marko Laakso Department of Electrical and Information Engineering University of Oulu http www mediateam oulu fipubhcations pdf 462 pdf PROTOS c07 SIP Oulu 2006 3 Sipera Sipera Comprehensnve VolP Security for the Enterprnse Not Just Encryption and Authenticatnon http wwwr snpera com assets Documents whitepapers Spera_Pnterpr1se VolP_Security_WPpdf 2006 5 RFC4475 Session Initiation Protocol SIP Torture Test Messages http tools ietf org html rfc4475 2007 IPA http www 1pa go jp security awareness vendor programmingv2 2007 7 IPA 1 http Www 1pa go p secur1ty awareness vendor software html 1 2005 6 Frank Swiderski Windows Snyder BP 2005 6 ISBN 4891004576 2005 1 PROTOS Test Suite c07 sip Security Testing of Protocol Implementations http
189. http itpro nikkeibp co jp articlelCOLUMN 20080926 315503 SIP NextGen 12 5 CVSS mn CVSS WE CVSS C 99 SIP 3 13 Call ID 13 Call ID 13 1 MAC CalLID 13 2 SIP REGISTER Call ID REGISTER
190. 10 2 RTP RTCP REC3550 6 RTP Control Protocol RTP RTP 1 2 3 3 RTOCP 1 RTCP BYE RTP RTP RTP RTCP BYE RTP STIP
191. 2002 6 RFC3261 SIP Session Initiation Protocol 26 1 5 Denial of Service and Amplification http tools ietf org html rfc3261 section 26 1 5 2008 9 IP http ntpro nikkenbp co p article NEWS 200809107314570 NTT 2008 9 SIP 3 http pro jectphone typepad p blog 2008709 sip3 fcee html 2008 9 STP 2008 9 FAQ for YAMAHA RT SIP http Www rtpro yamaha co jp RT7EAQO VolIP troublevoip ans html 9 FUSION IP Phone http www fusioncom co jp oshirase 20080909 2 html 67 SIP 3 6 DoS SIP 2008 11
192. IP 150 SIP IP Iml 2010 9 30 3 3 El 1 2 8 NT AT OK I JPCERT NN SS
193. RC SSRC PT 10 2 RTCP BYE 2 RTCP SDES RTP RTOP RTP RTCP SDRS NAME MAIL PHONRE RTCP SDES RTP RTCP SDES 1 SSRC RTP CNAME Canonical Name SSRC CNAME IP
194. 00 bee cy 18 3 1 2 3 4 HTTP SSL TLS 1
195. 14 3 1 IPsec SSL VPN STP 2 SIP RTP 3 1 UAS Call ID From TP CSeq SIP SIP To 104 SIP 3 14 7UAS
196. 2 TVR 9 SUBSCRIBE NOTIFY SUBSCRIBE NOTIFY SUBSCRIBE NOTIFY
197. CNAME RTCP 85 SIP 3 10 RTCP SSRC CSRC 1 SDES SSRC CSRC 2 SDES V P RC SDES PT 10 3 RTCP SDES 3 RTCP RTP RTCP RR
198. Media Access Control address Ethernet Message Digest 5 media gateway control IP SIP Management Information Base Multimedia Internet Keying SRTP Man in the Middle Moving Picture Experts Group Next Generation Network IP SIP Network Time Protocol Open Mobile Alliance Public Key Infrastructure PPP over ATM PPP ATM
199. OC C JPCERRT CC ASCII 2006 Visual C 2010 GCC GNU C Compiler O C Java 94 SIP 3 C C
200. SIP SIP SIP SIP RFC3261 26 1 5 Do8 1 SIP SIP 6 1 SIP INVITE SIP IP 1 1 1 1 SIP Via SIP SIP
201. TCP RST or ICMP Protocol Unreachable UDP INVIIE 5 1 UDP REC38261 18 1 1 UDP UDP TCP ICMP Protocol Not Supported TCP UDP SHOULD TCP REC2543 RFC3261 REC2548 TCP REC3261
202. URI Common Vulnerabilities Exposures MITRE Corporation Common Vulnerability Scoring System Datagram Congestion Control Protocol UDP Distributed Denial of Service Data Encryption Standard 1960 TBM Domain Name System IP 145 DTLS DTMF Ethernet Firewall FW F W From FTTH Fuzzing G 711 H 323 oO hop by hop HTTP gt Tn ICMP IPS D IETF i I M INFO INVITE Denial of Service Datagram Transport Layer Security Dial Tone Multi Frequency
203. RTP SIP 1 STP RTP SIP RTP ES RTP SIP SIP W RTP RTP 2 SIP RTP RTP 79 SIP 3 9 RTP
204. TLS 20 1 STP SIP STP SIP TLS SIP CA 130 SIP 3 20 SIP TLS SIP CA CA RE a ca 2 Mn2862 a I _ DN
205. 1 IPsec SSL VPN SIP 2 SIP RTP 3 1 Secure SIP SIP over TLS 2 IP 15 4 RFC3261 SIP Session Initiation Protocol http tools 1etf org htmlrfc3261 2006 6 TTC JJ 90 24 SIP SIP http www ttc or jp j document list sum sum JJ 90 24y2 pdf 4 1 3 2 Contact 2007 3 Sipera Endpoints vulnerable to accepting requests from source IP other than the specified server http www sipera com index php action resources threat_advisory amp ti d 186 amp 109 SIP 3 15 IP 15 5 CVSS
206. 27 SIP 3 1 VPN 2 IP 3 IP Ethernet Ethernet 4 LAN LAN 5 Ethernet 6 SOHO IP LAN IP LAN
207. 3 19 ID 2 SIP SIP SIP SPAM IP SPIT Spam for Internet Telephon y SPIT IP ID ID 1D 3 SNMP
208. Public Switched Telephone Networks RST PSTN IP RTP Control Protocol RTP Real time Transport Protocol Secure Multipurpose Internet Mail Rxtensions SANS SDP SHA Secure Hash Algorithm 1 SHA1 SIMPLE SIP for Instant Messaging and Presence Leveragnng Extensions Session Initiation Protocol SIP UA SIP URI SIP URL SIP Uniform Resource Tdentifier SIP SIP SIP SNMP SPAM Speex SPIT Spam for Internet Telephony IP SRTP Secure Real time Transport Protocol
209. RTP RTP 80 SIP 3 9 RTP 1 RTP 2 RTP RTP SIP RTP VoIP H 828 MEGACO Oisco Skinny TP RTP RTP RTP
210. SIP proxy SIP 2008 10 Analysis of a VoIP Attack Klaus Darilion IPCom http www 1ipcom at fileadmin public 2008 10 22 Analysis of a VolP At tack pdf 2008 10 VoIP 106 SIP 3 14 14 5 CVSS 1 II 5 1 ee CVSS CVSS 107 SIP 3 15 IP 15 IP 15 1 SIP IP
211. 18 1992 7 2007 12 2007 10 2007 10 REC1350 THE TFTP PROTOCOL REVISION 2 http tools 1etf org htmlrfc1350 TFTP RFC Cisco Unified IP Phone Remote Eavesdroppng http wwwr clsco com en US products products_security_response09186a0 080903a6d html Ciscon IP Remote Wiretappng on Csco Phones http www hack lu archive 2007 hacklu07_ Remote_wnretappng pdft Gisco IP 7940 IP Owning the internal network with SIP part 1 and a Linksys Phone http seclists org fulldisclosure 2007 Oct 0174 html LynkSys SPA 941 XSS VOIPSEC XSS and SQL injection via SIP part 2 and toll fraud bonus http Yonpsa org p1permall Yonpsec_vo1psa org 2007 October 002466 html XSS IP PBX SQL Asterisk
212. SSRC SSRC RTP CE RTCP BYE SIP RTP RTP GSRO RTP RTCP BYE 97 SIP 3 10 RTCP RTP 2 RTCP SDES RTCP SDES 1 SIP RTP 1 8IP RTP SIP RTP 1 RTP RTCP CNAME Canonical Name RTP SSRC
213. 17 1 Pcom sia TP OS OS OS ON i 1 ITRON 2 VxWorks 3 Linux 4 WindowsCE Windows Mobile OS SIP Windows Linux RK 7 7 08 Windows Hinux IP
214. 2 302 Moved Temporarily INVITE 302 Moved Temporarily INVITE 302 Moved Temporarily SIP URI 302 Moved Temporarily Contact INVITE 302 Moved Temporarily SIP 3 2 SIP 2 3 SIP INVITE SIP 100 Trying SIP SIP CANCEL
215. TLS TCP SIP SIP TCP RST ICMP Protocol Unreachable TOCP UDP RFC3261 18 1 1 Sending Requests TCP TLS TCP UDP UDP SIP TLS UDP TCP RST 63 SIP 3 5 5 3 1
216. 2 4 SIP SIP REGISTER INVITE BYE CANCEL 5 2 4 1 REGISTER SIP REGISTER SIP REGISTER SIP SIP URI IP SIP SIP oo SIP UA SIP URI IP ER g UA SIP URI IP EE 200 OK 17 SIP 3 I 1 7 _ REGISTER 2 4 2 INVITE
217. 3 2 SIP UAS RFC2617 HTTP 401 Unauthorized 407 Proxy Authentication Required WWW Authenticate Proxy Authenticate NN SIP 3 3 SIP NN SIP SIP INVIIE 407 Proxy Authentication Required Proxy Authenticate INVITE Proxy Authorization 200 OK 40 7 Proxy Authentication Required POKV AUEDGDIGANES DITOeGSE Tealme at Lante om domaln SLID SSl Carrier Com OPD auER nonce E84EF1cec41e6cbeSaea9c8e88d359 opaqdue stale FALSE algorithm MD5 INVITE sip bobGexample com SIP 2 0 Proxy Authorization Digest username Alice realm atlanta com nonce c60E3082ee1212b402a21831ae reSsponse 245fF23415E11432D3434341c022 3 2
218. Colin Perkins 2004 4 ISBN 27406561 NEC Network Laboratornes VolP Securty Threat Analysis P8 RTP RTCP specific DoS attacks http www 1br cs tu bs de pro ects nmrg meetnngs 2005 nancy Yop sec pd f RTCP BYE DoS RTCP RR I D VoIP Security Threats relevant to SPEERMINT 2 4 Threats to MF Availabihty http tools 1etf org html draftt nnccohmnn speermnnt vYopthreats section 2 4 SIP RTP BCP 05 I D SPEERMINT Security Threats and Suggested Countermeasures 2 4 Threats to the Media Function MF http tools ietf org html draft ietf speermint voipthreats section 2 4 I D VoIP Security Threats relevant to SPEERMINT 04 90 SIP 3 10 RTCP 10 5 CVSS TII
219. RTP RTP RTP at 1 SRTP MIKEY RTP 2 ZRTP RTP 3 RTP over DTLS SRTP DTLS UDP 4 1 SRTP SRTPIREC3711 RTP TIPsec IP SRTP RTP 74 SIP 3 8 RTP RTP DES
220. TCP TCP TCP TCP RFC UDP 2 CC 5 1 SIP INVITR TLS SYN TCP BC SIP SIP TCP TCP RST ICMP Protocol Unreachable SIP TCP ICMP TCP RFC3261 UDP SIP 62 SIP 3 5 SIP SIP SIP SIP TCP SYN TLS
221. TELNET RLOGIN SSH SNMP WRITE TD SIP SIP IP SIP SIP SIP RTP 2 SIP TFTP
222. IS STP IP STP SIP 3 SIP SIP 1 3 1 3 1 SIP 19 SIP SIP
223. PSTN SIP RTP IP 1 SIP RTP UDP 2 UDP IP 1Psec 3 SIP SIP SIP CANCEL SIP SIP HD 4 STP MD5 5 SIPS SIP over TLS 6 SRTP Secure RTP 7 SIP 1 SIP SIP REGISTER 8 STP SIP SIP RTP 4 2 IP
224. SIP SIP SIP a 2 SIP 1 1 SIP 1 2 3 SIP 1 1 2 1 REGISTER 2 CANCEL 3 re INVITE 4 BYE 5 PRACK 9 SIP 3 1 SIP 1 REGISTER SIP
225. 1 2 0 2009 1 SIP RTP 3 20 22 20 22 DTLS SRTP 8 XSS SQL 18 6 8 12 14 15 18 3 0 2010 9 REP SIP 3 1 OR AAA OO EONAR 5 2 8IP kk 11 3 8IP 23 4 eee 27 5 kk 38 SIP SDP 1 SIP 39 2 0 8 oo 48 1 SI SP RE RTL NO RE acc 53 4 FE 5555000000 57 5 62 6 MOSNMAEIE OSI OOU NIS 65 7 SEN SA OI NE 69 RTP RTCP
226. RTP RTP RTP
227. SRTP 22 4 2003 7 RFC3550 RTP A Transport Protocol for Real Time Applications 9 Security http www1 tools iett org html rfc3550 2004 3 REC3711 The Secure Real time Transport Protocol SRTP http www1 tools iett org html rfc3711 2007 4 Asterisk encryption http www voip info org wiki view Asterisk encryption Asterisk SRTP 2008 3 VBR Uncovernng spoken phrases in encrypted VolP conversations Johns Hopkins Universnty Department of Computer Science http wwwr cs hu edu fab1an papers oakland08 pdf VoIP VBR 2008 6 MIT Technology Review Breaking Phone Call Encryptnon http www technologyreview com lnfotech 20913 2a f VBR VoIP
228. 0 a NEE 0 ls a Om a a J gt 8 ES e 20 2 20 2 TLS TLS CMV SIP SIP SIP SIP TLS 20 2 MV SIP CA CA 50 SIP CA
229. 12 Hacking VolP Exposed Voice over IP Security Secrets amp Solutions David Endler and Mark Collier McGraw Hill Professional Pubhshing ISBN 0072263644 http www hackingexposedvoip com 2007 5 Sipera Sipera Unencrypted RTP vulnerable to capture and reconstruction http www sipera com index php action resources threat_advisory amp tid 264 RTP 2007 5 Sipera RTP sequence number and tmestamp can be guessed to in ect medna packets that may be accepted by recever as leg1timate http wwwr snpera com ndex php actlon resources threat_advisory amp t1id 269 RTP 2007 3 Sipera Rogue RTP in ection may result in voce quahty degradation http wwwr snpera com index php action resources threat_advisory amp t1d 1983 amp RTP 82 SIP 3 9 RTP 9 5 CVSS
230. SRTP DTLS DTLS Datagraram TLS TCP TLS TYransport Layer Security UDP RTP over DTLS UDP RTP DTTLS RTP over DTLS SRTP SRTP SRTP MIKEY UDP DTLS SRTP Framework for Establishing a Secure Real time Transport Protocol SRTP Security Context Using Datagsram Transport Layer Security DTLS http tools ietf org html rfc5763 SRTP MIKEY ZRTP DTLS SRTP 2007 3 TETE RTP Secure Keying BoF Birds Of a Feat
231. Areski FreePBX Tribox Austrahans falhng victim to forengn phone hackers http wwwr Hhvenews com au Artncles 2008 04717 Austrahans falhng victi m to foreign phone hackers 2 IP 10 IPA 3 http Wwwr pa go p secur1ty Yuln websecurty html SQL XSS 9 122 SIP 3 19 ID 19 ID 19 1 SIP ID 1 2 SNMP
232. NIAC National Infrastructure Advisory Council 2004 10 CVSS HIRST Forum of Incident Response and Security Teams THIRST CVSS SIG Special Interest Group FIRST 2005 6 CVSS v1 2007 6 CVSS v2 CVSS 3 1 Base Metrics 3 Confidentiahty Impact ntegrity Impact Availability Impact CVSS Base Score
233. VoIP SIP DoS http itpro nikkeibp co jp articlel COLUMN 20081028 317888 SIP NextGen 2008 12 RFC5393 Addressing an Amplification Vulnerability in SIP Forking Proxies http tools ietf org html rfc5393 SIP Proxy 2 6 5 CVSS a CVSS 26 CVSS 68 SIP 3 7 SIP 7 SIP 7 1 SIP RFC3261 3262 RFC SIP
234. http www derkeler com Maihng Lists Securiteam 2006 09 msg00023 ht ml exponent 65535 exponent 3 TLS JVNDB 2007 000404 RSA BSAFE Cert C Crypto C DoS http vndb vn Jp 7a contents 2007 JVNDB 2007 000404 html Cisco Securty Advisory Vulnerability In Crypto Library Document ID 91890 Advisory ID cnsco sa 20070522 crypto shtml http WwwW clsco com warp pubhc 707 chsco sa 20070522 crypto shtml TLS ASN 1 2010 5 RFC5763 Framework for Establishing a Secure Real time Transport Protocol SRTP Security Context Using Datagram Transport Layer Security DTLS 6 9 IMedia over SRTP http tools etf org7html rfc5763 section 6 10 2008 4 1oSkoot dhsclosure of Skype credentials resolved http vonpsa org blog 2008 04 28 iskoot dnsclosure of skype credentals res olIYed new vers1on by wednesday Skype Symbian Skype 2008 5 ASTL2008 007 Cryptographic keys generated by OpenSSL on Debian based systems compromised http voipsa org pipermail voipsec_voipsa org 2008 May 002671 html Debian Linux Asterisk OpenS
235. 0 IPA URL http Www ipa 90 jD Security todoke LAN W AN 0S
236. 2 Temporal Metrics CVSS Temporal Score SIP 3 3 Environmental Metrics CVSS nvironmental Score IPA JVN iPediai
237. All IP Network IP Asynchronous JavaScript XML JavaScript HTTP Web Address Resolution Protocol IP Ethernet MAC MAC IP ASCII SIP Certificate Authority PKI SIP Code Exceited Linear Prediction 1
238. INVITE sip ua example com REGISTER 404 Not Found To sip ua exarmple com Cortact sip 192 168 2 200 Eexpires 3600 200 OK Contact sip 192 168 2 200 expires 3600 INVITE sip 192 168 2 200 sip ua example com 1 2 40 SIP 3 1 SIP REGISTER SIP STP STP sip ua example coml INVITE SIP 404 REGISTER SIP IP SIP STP SIP sip ua example coml INVITE SIP INVITE SIP 2 CANCEL INVITE
239. S8gTP SIP ID ID 5 SIP ID SIP SIP OPTIONS SIP REGISTER SIP SIP SIP SIP SIP SIP 1 2003 Defcon 11 Watching the Watcher
240. SDP2 v 0 o bob 2890844527 2890844527 IN IP4 client biloxi example com a C IN TPA 192 0 2 Z01 t 0 0 m audio 3456 RTP AVP 0 a rtpmap 0 PCMU 8000 3 SDPlx v 0 o alice 2890844526 2890844526 IN IP4 client atlanta example com G IN LP4 192 0 2 11 t 0 0 m audio 49172 RTP AVP 0 a rtpmap 0 PCMU 8000 SIP 3 4 SIP 4 SDP2x U o bob 2890844527 2890844527 TN TP4 client b11ox1 Gexamp1e Com CIN LP4 192 0 2 11 t 0 0 m audio 3456 RTP AVP 0 a rtpmap 0 PCMU 8000 4 2 SDP 4 1 0 2 INVITE JPEG INVITL JPEG nm gt Ny gt SIP SIP SIP 4 3 JPEG 4 3 INVITE JPEG
241. 21 5 CVSS m CVSS 50 CVSS 140 SIP 3 22 SRTP 22 SRTP 22 1 VBR Variable Bit Rate SRTP Secure RTP SRTP 2008 22 2 SRTP
242. C SIP ERS CX SIP RTP HTTP SNMP TELNET RLOGIN TETP NTP DHCP DNS 2 SIP SIP
243. INVITE 100 Trying 100 Trying 180 Ringing 1 1 15 SIP SIP 5 7 401 Unauthorized SIP 3 SIP SIP INVITE Proxy UA 407 Proxy Authentication Required INVITE Proxy UA INVITE UA 100 Trying 401 Unauthorized 401 Unauthorized ACK Proxy UA ACK INVITE Proxy UA INVITE UA 5 200 OK ACK Proxy UA ACK UA BYE Proxy UA 200 OK 200 OK IL 1 16 BYE UA SIP 3 3 SIP SIP
244. OK 100 Trying From To6 2 JNVITE SDP IINVITE ISIP SIP SIP TL 5 SIP SIP IT 6 SIP SIP SIP
245. Proxy Authentication Required WWW Authenticate Digest REGISTER nonce 12345678 Authorization Digest nonce 98765432 14 1 nonce SIP SIP SIP SIP UAS 407 401 SIP nonce opaque WWW Authenticate Digest realm biloxi com dop authi auth Lint nonce dcd98b7102dd2EOe8b11dJOE600bfb0c093 opPadue 5cocc069c403ebafF9EO171e9517E40e41 103 SIP 3 14 SIP 401 407 SIP UAO i SIP Author1za 1on Digest username bob realm bil oxi COm nonce dcd98b7102ddQ2fOe8b11Q0OfF600bfb0c093 SLDSIOOIOOOL1OX OOI0 qop auth nc 00000001 cnonce 0a4f113b response 6629fae49393
246. SIP SDP SDP INVITE JPEG Yi MM 6 4 2 2 SIP 2 1 INVITE SDP 2 INVITE JPEG ARP SBO SIP
247. SIP nonce opaque UAO WS rr HTTP SIP MD5 REC2617 MD5 0 A Nr Mn 2 0 NN A re 54 SIP 3 SIP
248. SRTP 1 6 CVSS CVSS Common Vulnerability Scoring System
249. Thu 21 Feb 2002 13 02 03 GMT Contact S1p a11CeG DpC33 atlantascom gt Content Type app1ioation sdp Content Length o UserA 2890844526 2890844526 IN IP4 here com s Session SDP C IN TP4 DC33 at anta Comm t 0 0 m audio 49172 RTP AVP 0 a rtpmap 0 PCMU 8000 I 1 5 SIP STP 2 0 200 OK NR 0 Via STP 2 0 UDP server10 bi1ox1i com branch z 3hG4bKnashds8 receilved 192 0 2 3 Via SIP 2 0 UDP bigbox3 site3 atlanta com branch z 3hG4bK77ef4c2312983 1 receilved 192 0 2 2 WaS SIPLZ 07UDP BEI aE ant dC branch z 3hG4bK776asdhds reCe1ved 1 92 0 2 1 OY BOD BLODYDODGDTUOXT OO tad TCSEE From Alice lt sip alice atlanta com gt ag 1928301774 Call ID a84b4c76e66710Gpc33 at anta Com CSed 314159 TNVTTE GOESGES SD20O601 0 2 0 4 Content Type app1ioation sdp Content Length I 1 6 SIP 15 SIP 3 IT 5 SIP SIP INVITE ACK SIP 200
250. User Agent Client UAS User Agent Server UDP User Datagram Protocol UDP TOP UOPF UPDATE SIP URL Uniform Resource Locator VBR Variable Bit Rate SIP Virtual LAN Voice over IP IP VRRP Virtual Router Redundancy Protocol Wired REquivalent Privacy WPA Wi Fi Protected Access WEP
251. 200 OK ACK 1 4 re INVITE 42 SIP 3 1 SIP 4 BYE INVITE BYE 1 5 INVITE SIP BYE SIP SIP SIP INVITE SIP SIP STP SIP SIP SIP
252. B 18 2 1 Using GDB with VxWorks http sourceware org gdb current onhnedocs gdb 19 html SEC182 m CVSS 60 CVSS _ 5 116 SIP 3 18 18 18 1 SIP STP 1ID 18 2 SIP TCP IP SIP
253. E6508d51ae2a1dcGpc33 examp1e Co Jp CSeq 2 REGTSTER Contact S1p a11CeGpc33 eGxamp1e Co pD 5060 exp1res 3600 Authorization Digest realm unknown nonCe 8a8aee697577e338dae62doc442149b8d opadqdue algorithm MD5 dop auth cnonce 1EFBB0373 nc 00000001 ur S1p 172 17 0 20 5060 username alioe reGSpPonse 907228c79a27a566ca47541c2a6b72de Conten TLength 0O ll 1 14 REGISTER SIP a SIP INVITE SIP 407 Proxy MUSB Reqguired 6 NO SIP SIP SIP INVITE 407 NE 407 Proxy Authentication Reguired ID lt i INVITE INVITE
254. INVITE SIP IP SIP REGISTER REGISTER STIP UP REGISTER CG 1 2 SIP SIP REGISTER SIP REGISTER Call ID SIP REGISTER 2 SS sip ua example com SIP REGISTER To sip ua example com Contact sip 192 168 0 100 Expires 3600 200 OK SIP REGISTER To sip ua exarmple com Contact sip 192 168 0 100 Eexpires 0 SIP 200 OK
255. L A 200 OK CANCEL 487 Request Terminated 487 Request Terminated 1 CK ACK IL 1 11 CANCEL SIP 3 2 5 SIP SIP HTTP pa ee Basic HTTP 1 1 RFC 2617 HTTP SIP WWW Authenticate 401 Unauthorized SIP Authorization
256. NVITE NN gt ee lt NN SIP SIP 2 1 2 2 8 1 200 OK 2 302 Moved Temporarily 3 404 Not Found 1 200 OK INVITE 200 OK INVITE 200 OK 48 SIP 3 2 SIP a aR 200 OK SDP
257. P ADSL a VolIP 6 SIP p PC gt gt ISP iP 1 18 IP 3 2 nstant Message IM OE OS NN de A ha 2 IM SIP SIMPLE SIP for Instant Messaging and Presence Leveraging Extensions SIP SIP
258. S Client Key Exchange TLS TLS Change Cipher Spec Change Ciper Spec SIP SIP SIP REGISTER SIP SIP 200 OK 200 OK SIP RR SIP 20 1 TLS 20 2 TLS TLS Man in the Middle MITM 129 SIP 3 20 SIP TLS 20 1 TLS SIP SIP
259. SDP SIP SRTP 2 2 SRTP SRTP SDP SIP TLS TPsec SIP S MIME SDP SDP MIKEY ZRTP IKE 8 SRTP SRTP 8 SRTP SIP IP PBX
260. SIP 3 IP IDA 2010 9 Microsoft MS Windows Windows 2000 Windows NT Windows XP Windows Internet Explorer Outlook Outlook Rxpress Microsoft Corporation Sun Microsystems Sun Java Solaris Java JDK Sun Microsystems URL SIP http www Ipa go D security vuln vuln_SIP html SIP 3
261. SIP SIP SIP SIP 108 SIP 3 15 IP SIP SIP SIP SIP SITP SIP 15 3
262. SL 2008 8 REC 5246 The Transport Layer Security TLS Protocol Version 1 2 http tools 1etf org html rfc5246 TLS 2008 6 Datagram Transport Layer Security version DTLS 1 2 http tools 1etf org html draft etf tls rfc4347 bis 2010 7 04 2007 5 134 SIP 3 20 8SIP TLS IETF TLS Working Group http wwwr iett org html charters tls charter html TLS IETF PKIX Working Group http www 1ietf org html charters pkix charter html X 509 20 5 CVSS CVSS 26 6 CVSS
263. TFTP VoIP 1999 6 RFC2616 Hypertext Transfer Protocol HTTP 1 1 http tools 1etf org html rfc2616 HTTP REC 2000 5 RFC2818 HTTP Over TLS http www ipa go jp security rfc REC2818JA html TLS HTTP RFC 1983 5 RFC854 TELNET PROTOCOL SPECIETCATION http tools 1etf org html rfc0854 TELNET RFC 2003 4 RFC3512 Configuring Networks and Devices with Simple Network Management Protocol SNMP http tools 1etf org htmlrfc3512 SNMP RFC 2003 8 RFC3584 Coexistence between Version 1 Versnon 2 and Verson 3 of the Internet standard Network Management Hramework http tools 1etf org html rfc3584 SNMP SNMP RFC 1991 12 RFC1282 BSD Rlogm http tools 1etf org html rfc1282 RLOGIN REC 2007 3 IPA Secure Shell http wwwr ipa go p securty rfc RFC htm 13 SSH RFC 121 SIP 3
264. a05397450978507c4efl opPadue 5cocc069c403ebafF9EO171e9517E40e41 cnonce nc response nonce opaque UAS cnonce UAC cnonce cn cnonce 1 1 nonce 0 6 0 0
265. advisory amp tid 179 amp 2007 3 Sipera Absence of server authentication during SIP digest authentication http www sipera com index php action resources threat_advisory amp tid 180 amp 2007 3 Sipera Registrar honors replayed authentication parameters http www sipera com index php action resources threat_advisory amp tid 181 amp 2007 3 Sipera No cross check performed between username of user requesting authentication and username used in credentials during SIP digest authentication http www sipera com index php action resources threat_advisory amp tid 182 amp 2007 3 Sipera Some 1mplementations of SIP Proxy may honor replayed authentication credentials http www sipera com index php action resources threat_advisory amp tid 183 amp 2007 3 Sipera Service provider call feature servers may be vulnerable to service theft when sent a replayed and spoofed feature invocation message http www sipera com index php action resources threat_advisory amp tid 188 amp 2007 3 Sipera Service provider call feature servers may be vulnerable to call hijacking http www sipera com index php action resources threat_advisory amp tid 189 amp IP SIP
266. enssl org 4 RFC5763 Framework for Establshing a Secure Real time Transport Protocol SRTP Security Context Using Datagram Transport Layser Security DTLS http tools ietf org html rfc5763 92 SIP 3 3GPP IMS IPsec SIP RTP 4 8 2 TLS an TLS DTLS STP TLS 1 SIP TLS SIP SIP SIP SIP 2 TLS TLS SIP IP 3 TLS SIP SIP
267. her DTLS SRTP DTLS TLS SSL SSL TLS TLS 75 SIP 3 8 RTP IPseec SIP DTLS SRTP SIP TLS STIP RTP SIP
268. rds 87 i esSc01 239409asdfak kn23onasd0 3234 CSeq 234234 INVITE Via STP 2 0 UDP host5 examp1e net branch z9hG4bKkd uw C application sdD Con aC S1D Ca 6CerGhost5 examp1e net 6C 7 2 mm 61mG V 6 u 2 34 31 gt Content Length 150 v 0 o mhandley 29739 7272939 IN IP4 192 0 2 1 a c IN IP4 192 0 2 1 t 0 0 m audio 49217 RTP AVP 0 12 m video 3227 RTP AVP 31 a rtpmap i3l LPC 12 8 XX RFC4475 12 3 RFC4475 SIP SIP 2 16 SIP 1
269. rvces http www 3gpp org ftp Specs html nfo 33208 htm 2007 7 IETF Audio Video Transport av http netf org html charters avt charter html RTP RTP 2007 7 ZRTP Media Path Key Agreement for Secure RTP http tools 1etf org html draft zimmermann avt zrtp 2007 4 Asterisk encryption http www voip info org wiki view Asterisk encryption Asterisk SRTP 2007 10 The Zfone Project http zfoneproject com PGP Phil Zimmermann ZRTP Zfone 2007 10 Sipera Vonage voce conversation may be vulnmerable to eavesdroppng http www sipera com index php action resources threat advisory amp tid 359 Vonage IP 2010 5 RFC5763 Framework for Establishing a Secure Real time Transport Protocol SRTP Security Context Using Datagram Transport Layer Security DTLS 6 10 Media over SRTP http tools etf org html rfc5763 sectnon 6 10 2010 5 REC5764 Datagram Transport Layer Security DTLS Extension to Establish Keys for the Secure Real time Transport Protocol SRTP http tools 1etf org html rfc5764 77 SIP
270. t Access Authentncation http tools 1etf org htmlrfc3217 2004 8 Colhsnons for Hash Functions MD4 MD5 HAVAL 128 and RIPEIMD http eprnt acr org 2004 199 pdf 2007 IPA C C 3 http Wwwr 1rpa go p secur1ty awareness vendor programmnngv2 contents c 203 html 2008 10 IPA http wwwr ipa go p securty event 2008 ipa forum documents TIPAforum20 08yamagr1shi pdf 3 5 CVSS m CVSS 26 CVSS 4 56 SIP 3 4 SIP 4 SIP 4 1
271. wwwr ee oulu f research ouspg protos testing c07 sip 2006 11 C C Robert C Seacord JPCERT 2007 5 Symantec Security Response Hacktool Sipbot http www symantec com securty_response wrteup sp doc1d 2007 050 914 5546 99 amp tabid 2 SIP Java 2008 8 VolP Security Threats and Countermeasures http www apan net meetings newzealand2008 presentations sip apan26 eric pdf SIP TP 2008 2 Exposing Vulnerabilties in Media Software http www blackhat com presentations bh europe 08 Thiel Whitepaper b h eu 08 thiel WPpdf iSEC PARTNERS BlackHat 2008 Ogg Speex FLAC MPEG4 Fuzzing 2008 2 REC5118 Session Initiation Protocol SIP Torture Test Messages for Internet Protocol Version 6 TPy6 http tools ietf org html rfc5118 98 SIP 3 12 2008 9 SIP
Download Pdf Manuals
Related Search