[VOIPSEC] Actual Attacks
Geoff Devine
gdevine at cedarpointcom.com
Tue Feb 22 10:16:40 CST 2005
Christopher A. Martin <chris at sip1.com> writes:
> - Standard DoS today in terms of flooding cannot be stopped, but it
can be
> handled in the Internet backbone (which often occurs transparently
> so the rest of us don't see it).
>
> - Also standard precautions, such as deploying SIP aware firewalls or
border
> controllers which handle the media dynamically prevent a majority of
port
> scans and other direct attacks which low end devices are typically
> susceptible to.
A side effect of using session controllers and their brethren in a VoIP
architecture is that you make the IP address of the endpoint anonymous.
This addresses both privacy concerns and makes DoS attacks against a
subscriber endpoint less likely. Any architecture that permits media
streams to flow directly between subscriber endpoints is very vulnerable
to DoS attacks on those endpoints.
Geoff
More information about the Voipsec
mailing list