Distributed Deny of Service (DDoS) using STUN VoIP-SIP Security

Attacks using or against STUN (packet injection with a false MAPPED-ADDRESS) require that the attacker is able to intercept messages from the client to the server, because STUN clients use a 128 bit identifying field that the server will use to answer them. The clients will ignore any STUN message that doesn’t contain the correct value.
Distributed Deny of Service (DDoS) using STUN :This attack will launch a DDoS attack through STUN. The attacker will disseminate among a large number of clients a false MAPPED-ADDRESS that will make them believe that their addresses are that of the target. They will then all give that address to receive traffic, and the resulting traffic will overflow the target, especially if some of the clients use STUN for multimedia applications.
The attacker must be able to fake a STUN answer.
Read More:http://www.vadese.org/files/upload/Best_practices_VoIP_en_v20.pdf

Related post

Newer Post Older Post


Post a Comment


Wiki Voip And Fax Tutorials Copyright © 2010 Labloub