Authentication HTTP Digest of SIP Messages Best Practices VoIP-SIP Security

HTTP Digest Authentication allows a server to authenticate signalling messages sent by an IP phone. Attacks based on the usurpation of identification become impossible as long as the password policy is strong enough. HTTP Digest must be configured on:
      -All SIP servers
 
      - The IP phones
   By:
    -   Defining the authentication domain
  
    -   Defining the password (shared secret between the servers and the IP phones)
   
As this authentication method is vulnerable to offline brute force attacks, it’s recommended to define a policy imposing a suitably long and complex password.
Read More:http://www.vadese.org/files/upload/Best_practices_VoIP_en_v20.pdf

Related post



Newer Post Older Post

0 comments:

Post a Comment

 

Wiki Voip And Fax Tutorials Copyright © 2010 Labloub