Presentation is loading. Please wait.

Presentation is loading. Please wait.

SIP Protocol overview SIP Workshop APAN Taipei Taiwan 23rd Aug 2005

Published byNicholas Banks Modified over 6 years ago

Similar presentations

Presentation on theme: "SIP Protocol overview SIP Workshop APAN Taipei Taiwan 23rd Aug 2005"— Presentation transcript:

1 SIP Protocol overview SIP Workshop APAN Taipei Taiwan 23rd Aug 2005
By Stephen Kingham

2 Copyright Stephen Kingham 2004
This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

3 Outline and Objectives
SIP Authentication Who are you? SIP Authorisation What are you allowed to do? SIP Presence and Instant Messaging (the SIMPLE protocol) I am available! Buddy lists.

4 Authentication in SIP Both ends must know the same secret password (key). The password is used to encrypt certain information such as the user’s password. Originated from HTTP (WWW) and often called HTTP digest, Digest Authentication is described by RFC 2671. RFC 3261 (SIP) describes how Digest Authentication is applied to SIP.

5 SIP REGISTER with Digest Authentication
UA Proxy Server REGISTER (with out credentials) 407 Proxy Authentication Required ask user for a password REGISTER (password encrypted with key) 200 OK

6 SIP INVITE with Digest Authentication
UA Proxy Server UA INVITE (with out credentials) 407 Proxy Authentication Required ACK ask user for a password INVITE (with encrypted password) 100 TRYING INVITE (password removed)

7 Secure SIP SIPS, a close cousin of SIP, is a good and low cost means of encryption soon to be widely deployed. It specifies TLS (transport layer security) over TCP and is not subject to bid down attacks. This means a SIPS call will fail rather than complete insecurely.

8 Protect Gateways from un-authorised use
Use a Proxy Server in front of your Gateways, turn on Record Route so ALL SIP control is via Proxy. Configure gateways so that they only respond to SIP from your SIP Proxy. Filter TCP and UDP traffic to port 5060 on the Gateway. Also do the same for H.323, TCP traffic to port 1720 on the gateway.

Download ppt "SIP Protocol overview SIP Workshop APAN Taipei Taiwan 23rd Aug 2005"

Similar presentations

Presence, Security and Privacy. www.dynamicsoft.com VON 3.20. 01 The Current Environment Many Faces of Security Authentication Verify someone is who they.

Presence, Security and Privacy. VON The Current Environment Many Faces of Security Authentication Verify someone is who they.
RadSec – A better RADIUS protocol

RadSec – A better RADIUS protocol
Glenn Johnson John A. Dutton e-Education Institute Project Manager, Penn States e-Portfolio Initiative Glenn Johnson John A. Dutton e-Education Institute.

Glenn Johnson John A. Dutton e-Education Institute Project Manager, Penn States e-Portfolio Initiative Glenn Johnson John A. Dutton e-Education Institute.
Save Time, Money, and Energy by Virtualizing Your Environment Mica Lyman and Shawn Harpe Oklahoma State University Copyright Mica Lyman, Shawn Harpe 2007.

Save Time, Money, and Energy by Virtualizing Your Environment Mica Lyman and Shawn Harpe Oklahoma State University Copyright Mica Lyman, Shawn Harpe 2007.
What Does the Net Generation Expect From Us? SAC August 8, 2005 SAC August 8, 2005 Copyright © 2005, Joel L. Hartman. This work is the intellectual property.

What Does the Net Generation Expect From Us? SAC August 8, 2005 SAC August 8, 2005 Copyright © 2005, Joel L. Hartman. This work is the intellectual property.
The Academic Computing Assessment Data Repository: A New (Free) Tool for Program Assessment Heather Stewart, Director, Institute for Technology Development,

The Academic Computing Assessment Data Repository: A New (Free) Tool for Program Assessment Heather Stewart, Director, Institute for Technology Development,
Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.

Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.
Copyright Tom Parker, Ron DiNapoli, Andrea Beesing, Joy Veronneau 2004. This work is the intellectual property of the authors. Permission is granted for.

Copyright Tom Parker, Ron DiNapoli, Andrea Beesing, Joy Veronneau This work is the intellectual property of the authors. Permission is granted for.
EDUCAUSE Security Professionals Conference 2007 Monkey-in-the-Middle Attacks on Campus Networks Andrew J. KortySean KrulewitchIndiana University April.

EDUCAUSE Security Professionals Conference 2007 Monkey-in-the-Middle Attacks on Campus Networks Andrew J. KortySean KrulewitchIndiana University April.
Educause Security 2007ISC Information Security Copyright Joshua Beeman, 2007. This work is the intellectual property of the author. Permission is granted.

Educause Security 2007ISC Information Security Copyright Joshua Beeman, This work is the intellectual property of the author. Permission is granted.
SIP Security Matt Hsu.

SIP Security Matt Hsu.
JA-SIG CAS Enterprise Single Sign-On Scott Battaglia Application Developer Enterprise Systems & Services Rutgers, the State University of New Jersey Copyright.

JA-SIG CAS Enterprise Single Sign-On Scott Battaglia Application Developer Enterprise Systems & Services Rutgers, the State University of New Jersey Copyright.
FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.

FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.
Moving Your Paperwork Online Western Washington University E-Sign Web Forms Copyright Western Washington University, 2004. This work is the intellectual.

Moving Your Paperwork Online Western Washington University E-Sign Web Forms Copyright Western Washington University, This work is the intellectual.
CAMP - June 4-6, 2003 1 Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin 2003. This work is the intellectual property of the authors.

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.
SIP Session Initiation Protocol Short Introduction Artur Hecker, ENST.

SIP Session Initiation Protocol Short Introduction Artur Hecker, ENST.
1 RFC 3486 Compressing the Session Initiation Protocol (SIP) 曾朝弘 電機系 系統組 碩士班一年級.

1 RFC 3486 Compressing the Session Initiation Protocol (SIP) 曾朝弘 電機系 系統組 碩士班一年級.
Considerations for Patch Management – an RFP Extensive RFP Extensive RFP Pain in the Butt Pain in the Butt 10 Minutes to tell you about it 10 Minutes to.

Considerations for Patch Management – an RFP Extensive RFP Extensive RFP Pain in the Butt Pain in the Butt 10 Minutes to tell you about it 10 Minutes to.
Sharing Information and Controlling Content: Continuing Challenges for Higher Education Susanna Frederick Fischer Assistant Professor Columbus School of.

Sharing Information and Controlling Content: Continuing Challenges for Higher Education Susanna Frederick Fischer Assistant Professor Columbus School of.
Copyright Michael White and Sandra Thompson, 2008. This work is the intellectual property of the author. Permission is granted for this material to be.

Copyright Michael White and Sandra Thompson, This work is the intellectual property of the author. Permission is granted for this material to be.

Similar presentations

Ads by Google