User Tools

Site Tools


Overview of Security issues for SIP routers

Author of initial tutorial:
Davy Van De Moere

An attempt to give a full overview of security risks a SIP Router is confronted with.

Security Risks

Quoting shamelessly from RFC3261 Chapter 26:

SIP is not an easy protocol to secure. Its use of intermediaries, its multi-faceted trust relationships, its expected usage between elements with no trust at all, and its user-to-user operation make security far from trivial.


1. Registration Hijacking (rfc3261)

2. Impersonating a Server (rfc3261)

3. Tampering with Message Bodies (rfc3261)

4. Tearing Down Sessions (rfc3261)

5. Denial of Service and Amplification (rfc3261)

6. Scanning attacks

7. Session re-use

8. …

tutorials/security/security-threats.txt · Last modified: 2014/01/29 12:35 by