[VoiceOps] Preventing random SIP connections to handsets
caalvarez at gmail.com
Fri Nov 20 16:16:32 EST 2015
We've never seen evidence of issues other than just making phones ring. I
assume it's some script kiddies trying to find an open SIP proxy.
The routers in use are owned by our ISP partner and managed by them.
Typical mid-grade routers like a 1900 series. I'm not aware of an ability
to filter SIP as an application with those, though I've been pretty removed
from Cisco hands-on for some time. Filtering based on port would not help
On Fri, Nov 20, 2015 at 2:13 PM, Alex Balashov <abalashov at evaristesys.com>
> On 11/20/2015 04:09 PM, Calvin Ellison wrote:
> challenge to BYE should mitigate that particular targeted attack.
> Spoofed sequential (in-dialog) requests strike me as less of a concern
> than initial requests, since, in order for the BYE to match an existing
> dialog in the phone's UAS, the attacker would have to spoof a valid From
> & To-tag, Call-ID, CSeq, etc.
> Alex Balashov | Principal | Evariste Systems LLC
> 303 Perimeter Center North, Suite 300
> Atlanta, GA 30346
> United States
> Tel: +1-800-250-5920 (toll-free) / +1-678-954-0671 (direct)
> Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
> VoiceOps mailing list
> VoiceOps at voiceops.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the VoiceOps