[SIPForum-discussion] SIP Security

• Previous message: [SIPForum-discussion] SIP Security
• Next message: [SIPForum-discussion] Về: SIP Security
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,
      The problem seems to be a bit  strange and need further inputs from
you .
1)Can you tell me what is the authentication mechanism?? is it HTTP-Digest
MD5 ??
2)I see in the call flow below an Invite with credentails sent by the
Proxy.I dont think it is possible in the scenario explained below ,that too
with a normal Proxy,was it a mistake in the call flow arrow diagram??
3)The "week "duration has nothing to do with the call as far as i know ,can
you confirm that calls succeed only after a week??.
4)How did u confirm it is an MITM attack??.Do you mean to say that the
Subscriber A was down and not alive during the MITM call


Regards,
Sriram

On Mon, Nov 9, 2009 at 4:02 PM, Nguyen Duc Hoang <sizer86 at yahoo.com> wrote:

>  Hi,everybody!
>
> When Subscriber A calls a SIP call to Subscriber B.
> A                                MiM                               Proxy
> ---------------------INVITE---------------------->
> <----------------------401-------------------------
> -------------------------ACK--------------------->
> <--------------------INVITE(credentials)----------
>      one week later           ---INVITE(credentials)-->
>                                       <-----100trying-----------
>                                       <-------180 ringing-------
>                                       <-------200OK----------
>                                       --------ACK------------->
>
> A MITM captures all messages from A then uses its parameter to take an
> unauthorized call. I don't know how he can captures all messages (In real
> conditions - because i read that threat in a document about AT&T network). I
> also don't know what fields does he have to take information, why must to be
> that fields and why the attacker can be accepted by the proxy after 1 week?
>
> Can you explain it for me?
>
> ------------------------------
> Bạn sẽ làm gì khi cuộc đời không cho bạn cơ hội?
> <http://vn.answers.yahoo.com/question/index;_ylt=AsAn_1E7fdQDFFdO51nPhpvRVQx.;_ylv=3?qid=20080826165943AAsd3jQ>
> Câu trả lời từ những người đã trải qua những thăng trầm trong cuộc sống.
>
> _______________________________________________
> This is the SIP Forum discussion mailing list
> TO UNSUBSCRIBE, or edit your delivery options, please visit
> http://sipforum.org/mailman/listinfo/discussion
> Post to the list at discussion at sipforum.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://sipforum.org/pipermail/discussion/attachments/20091110/bef8006d/attachment.html 

• Previous message: [SIPForum-discussion] SIP Security
• Next message: [SIPForum-discussion] Về: SIP Security
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]