1-Call hijacking using the registrar server 1: The aim of this attack is to hijack a call using the registrar server. The attacker will associate his IP with his target’s URI by sending a REGISTER request with highest priority using the “q” parameter. This will indicate a preference for the inserted
contact and calls to the target will therefore be directed to the attacker.
The attacker must be able to contact the registrar to send it false REGISTER requests.
2-Call hijacking using the registrar server 2: The aim of this attack is to hijack a call using the registrar server. The attacker will associate his IP with his target’s URI by sending a REGISTER request with the lowest priority using the “q” parameter, meaning that the inserted contact will be consulted last.
The attacker then initiates a DoS attack on the addresses belonging to the target so that communications will be forwarded to him.
The attacker must be able to contact the registrar to send it false REGISTER requests. He must also be able to initiate a DoS attacks against his target
Read More:http://www.vadese.org/files/upload/Best_practices_VoIP_en_v20.pdf
VoIP-SIP Security Call hijacking using the registrar server
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment