VoIP-SIP Security Re-INVITE / Session Replay – Mid Session tricks

This attack modifies the configuration of a call in eavesdrop or record it. The attacker needs to obtain an INVITE message by listening to the network. 
He can then introduce a forged INVITE message with modified parameters during the conversation. This can be exploited several ways, but one of them is to add a third person to do the eavesdropping or recording.
The attacker must be able to listen to SIP messages and insert forged ones.
      RFC 3261 - SIP: Session Initiation Protocol

Related post

Newer Post Older Post


Post a Comment


Wiki Voip And Fax Tutorials Copyright © 2010 Labloub