HTTP Digest Authentication allows a server to authenticate signalling messages sent by an IP phone. Attacks based on identity spoofing become impossible as long as the password policy is strong enough. HTTP Digest must be configured on:
- All SIP servers
- The IP phones
By:
- Defining the authentication domain
- Defining the password (shared secret between the servers and the IP phones)
As this authentication method is vulnerable to offline brute force attacks, it’s recommended to define a policy imposing a suitably long and complex password.
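The following is an added example, not code from the original post or the referenced guide. It shows the RFC 2617 digest computation (the form without qop) that a SIP server verifies: every input except the password travels in the signalling messages, so the password is the only unknown and its strength is what the policy has to guarantee. The sample values and the policy thresholds (`min_length`, `min_bits`) are assumptions.

```python
import hashlib
import hmac
import math
import string


def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def ha1(username, realm, password):
    # The only secret-dependent value; realm is the "authentication domain".
    return md5_hex(f"{username}:{realm}:{password}")


def digest_response(ha1_hex, method, uri, nonce):
    # RFC 2617 response without qop: MD5(HA1:nonce:MD5(method:uri)).
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1_hex}:{nonce}:{ha2}")


def verify(stored_ha1, method, uri, nonce, received):
    # Server side: recompute from the stored HA1, compare in constant time.
    expected = digest_response(stored_ha1, method, uri, nonce)
    return hmac.compare_digest(expected, received)


def estimated_bits(password):
    # Rough upper bound: length * log2(size of the character classes used).
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    pool = sum(len(c) for c in classes if any(ch in c for ch in password))
    return len(password) * math.log2(pool) if pool else 0.0


def meets_policy(password, min_length=12, min_bits=70):
    # Thresholds are assumed values for illustration, not taken from the page.
    return len(password) >= min_length and estimated_bits(password) >= min_bits


# Constructed sample values (not from a real deployment).
USER, REALM, NONCE = "1001", "voip.example.org", "f3a9c1d27b6e"
METHOD, URI = "REGISTER", "sip:voip.example.org"
```

Running `meets_policy` at provisioning time, before the shared secret is set on the server and the phone, rejects short secrets such as numeric extensions reused as passwords.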
Read More: http://www.vadese.org/files/upload/Best_practices_VoIP_en_v20.pdf