[SIPForum-discussion] SIP Security

• Previous message: [SIPForum-discussion] Reg Refresh Register and De-register
• Next message: [SIPForum-discussion] SIP Security
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,everybody!

When Subscriber A calls a SIP call to Subscriber B. 
A                                MiM                               Proxy
---------------------INVITE---------------------->
<----------------------401-------------------------
-------------------------ACK--------------------->
<--------------------INVITE(credentials)----------
     one week later           ---INVITE(credentials)-->
                                      <-----100trying-----------
                                      <-------180 ringing-------
                                      <-------200OK----------
                                      --------ACK------------->

A MITM captures all messages from A then uses its parameter to take an unauthorized call. I don't know how he can captures all messages (In real conditions - because i read that threat in a document about AT&T network). I also don't know what fields does he have to take information, why must to be that fields and why the attacker can be accepted by the proxy after 1 week?

Can you explain it for me?



      Cảm giác an toàn hơn khi online. Nâng cấp lên Internet Explorer 8 mới, an toàn hơn,tối ưu hóa cho Yahoo!. Hoàn toàn miễn phí. Tải IE8 tại đây! 
http://downloads.yahoo.com/vn/internetexplorer/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://sipforum.org/pipermail/discussion/attachments/20091109/2528b41b/attachment-0002.html>

• Previous message: [SIPForum-discussion] Reg Refresh Register and De-register
• Next message: [SIPForum-discussion] SIP Security
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]