Security testing of SIP implementations
- Security testing of SIP implementations
- Wieser, Christian
Schulzrinne, Henning G.
- Technical reports
- Computer Science
- Persistent URL:
- Columbia University Computer Science Technical Reports
- Part Number:
- Department of Computer Science, Columbia University
- Publisher Location:
- New York
- The Session Initiation Protocol (SIP) is a signaling protocol for Internet telephony, multimedia conferencing and instant messaging. Although SIP implementations have not yet been widely deployed, the product portfolio is expanding rapidly. We describe a method to assess the robustness of SIP implementation by describing a tool to find vulnerabilities. We prepared the test material and carried out tests against a sample set of existing implementations. Results were reported to the vendors and the test suite was made publicly available. Many of the implementations available for evaluation failed to perform in a robust manner under the test. Some failures had information security implications, and should be considered vulnerabilities.
- Computer science
- Item views
text | xml
- Suggested Citation:
- Christian Wieser, Marko Laakso, Henning G. Schulzrinne, 2003, Security testing of SIP implementations, Columbia University Academic Commons, http://hdl.handle.net/10022/AC:P:29197.