Protecting SIP

The BrainYard - Where collaborative minds congregate.

The SIP working group within the ITEF has just published an Internet Draft describing SIP's vulnerability to relay attack and some possible mitigations. The attack method is via a "man-in-the-middle" approach whereby the attacker inserts himself in between the victim and their outbound proxy server, and initiates a session with the victim.

Given SIP's role as the common protocol within a unified communications architecture, it's important to be aware of security threats, especially as organizations widen their adoption of SIP-to-SIP extranet connectivity and SIP trunking for PSTN access.

Editor's Choice
James M. Connolly, Contributing Editor and Writer
Carrie Pallardy, Contributing Reporter
Shane Snider, Senior Writer, InformationWeek
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
John Edwards, Technology Journalist & Author