[VOIPSEC] Softphone Security
Robert Moskowitz
rgm at icsalabs.com
Mon Oct 17 09:41:21 CDT 2005
At 12:46 PM 10/15/2005, Ari Takanen wrote:
>5. Malware that affects the VoIP software will affect all other
> applications on the PC and data services available to that PC (a
> separated VoIP phone would not require access to file services,
> databases, intraweb, ...)
I question your wording. I can conceive of a Malware that targets
only the VoIP software. Specifically in light of point 6.
>6. Any special permissions that the VoIP application has over firewall
> rules will apply to all applications on that desktop
> (e.g. peer-to-peer software will use SIP for bypassing the security
> policy, which interestingly relates to earlier discussion on
> analyzing the real data content inside the RTP streams)
Again, problems with wording. In general this is true. I have not
seen it done here, but we do see program specific 'fingerprints'
(e.g. AOL IM) that can restrict authentication to a specific
request. This may be more complicated than many will bother
with. Until there is wide-spread misuse of SIP/RTP policies.
Robert Moskowitz
Senior Technical Director
ICSA Labs, a division of Cybertrust, Inc.
W: 248-968-9809
F: 248-968-2824
VoIP: 248-291-0713
E: rgm at icsalabs.com
There's no limit to what can be accomplished if it doesn't matter who
gets the credit
More information about the Voipsec
mailing list