Silencing a Client VoIP-SIP Security

 Attacks using or against STUN (packet injection with a false MAPPED-ADDRESS) require that the attacker is able to intercept messages from the client to the server, because STUN clients use a 128 bit identifying field that the server will use to answer them. The clients will ignore any STUN message that doesn’t contain the correct value.
This attack will prevent a client from reaching the server he wished to contact. The attacker will prevent a user from contacting the service activated by STUN (for example multimedia traffic based on SIP) by sending the use a MAPPED-ADDRESS that points to nothing. All the user’s requests will therefore go nowhere.

It’s important to note that this attack isn’t very advantageous for the attacker. Il only affects one client, and often not the desired target. Besides, if the attacker hasthe means to do this attack, he could DoS the target through other methods, such as preventing communication from the STUN or DHCP server.
The attacker must be able to send a forged STUN answer to a STUN client.
Read More:

Related post

Newer Post Older Post


Post a Comment


Wiki Voip And Fax Tutorials Copyright © 2010 Labloub