SIP security for engineers

Description

SIP security training course description

A hands-on course covering SIP security. It is assumed that delegates already know SIP as this course focuses purely on the security issues in SIP IP telephony networks. Hands-on practicals follow each major theory session and include use of various SIP security tools such as vomit, sipp, sipsak and sivus amongst others.

What will you learn

• Secure SIP networks
• Use various SIP security tools

SIP security training course details

SIP security training course contents

• SIP review

SIP infrastructure and entities, example SIP session.
Hands on Simple SIP network with and without authentication.

• SIP security attacks

DOS attacks, infrastructure attacks, eavesdropping, spoofing, replay, message integrity.
Hands on Basic SIP packet capture, infrastructure attacks.

• SIP tools

SIP packet creation: Sivus, SIPsak, PROTOS, SFTF, SIP bomber, SIPp, Seagull, Nastysip. SIP packet generators: SIPNess, NetDude. Monitoring: Wireshark, Cain & Abel, Vomit, Oreka, VoiPong. Scripts and tools: SIP-Fun, Skora.net, kphone-ddos, sip-scan, sip-kill, sip-redirectrtp. Health of different tools.
Hands on Generating SIP packets, rebuilding conversations from captured packets, password cracking.

• VPNs and SIP

IPSec, AH, ESP, transport mode, tunnel mode, Pre Shared Keys, Public keys.
Hands on SIP calls over IPSec.

• Secure SIP signaling

SIP relationship with HTTP, Deprecated HTTP 1.0 basic authentication, HTTP 1.1 Digest authentication, S/MIME, SIPS, SIPS URI, TLS, DTLS, PKI infrastructures.
Hands on SIP with TLS.

• Secure media streams

SRTP, features, packet format, default encryption, default authentication, key distribution. S/MIME, MIKEY, SDP security descriptions. SIP security agreements.
Hands on Analysing SRTP packets.

• Firewalls

NAT traversal. Impact of firewall on infrastructure attacks. TLS and firewalls. SIP specific firewalls.
Hands on SIP calls through a firewall.