Internet Communications Using SIP: Delivering VoIP and Multimedia Services With Session Initiation Protocol (2nd Ed.)


Session Setup


The main threats to session setup are described in Table 9.1. They are described
in terms of their impact on a single SIP user. A similar set of threats could be
listed as threats against a server or service provider.

Table 9.1 Threats on SIP Session Setup

| THREAT | DESCRIPTION | PROTECTION | MECHANISM |
|---|---|---|---|
| Call hijacking | A user “dials” a SIP URI but establishes a session with a different user. | Authentication of signaling; identity | Digest, Enhanced Identity |
| Registration hijacking | Incoming calls to a user are diverted to a third party. | Integrity protection of registration. | auth-int Digest or TLS |
| Impersonation | A third party impersonates another user in a session. | Identity | Enhanced Identity |
| Eavesdropping on signaling | A third party tracks and records whom a user is communicating with by monitoring SIP messages. | Confidentiality of SIP | TLS |
| Eavesdropping on media | A third party tracks and records media sessions by a user. | Confidentiality of RTP | SRTP |
| Denial of Service | Calls to or from a user are prevented. | IP, SIP, and RTP layer traffic management | Variety of mechanisms |
| Session disruption | Calls to or from a user are disrupted after they are established. | Integrity | Secure SIP |
| Bid-down attack | Calls to or from a user are forced to use a lower level of security by an attacker. | Integrity protection; not supporting low-security modes of communication | Secure SIP |
