SIP security for engineers

Description

A hands-on course covering SIP security. It is assumed that delegates already know SIP as this course focuses purely on the security issues in SIP IP telephony networks. Hands-on practicals follow each major theory session and include use of various SIP security tools such as vomit, sipp, sipsak and sivus amongst others.

What will you learn

SIP security training course details

Technical staff working with SIP.
Technical security staff.

SIP for engineers

2 days

SIP infrastructure and entities, example SIP session.

Hands on Simple SIP network with and without
authentication.

DOS attacks, infrastructure attacks, eavesdropping,
spoofing, replay, message integrity.
Hands on Basic
SIP packet capture, infrastructure attacks.

SIP packet creation: Sivus, SIPsak, PROTOS, SFTF,
SIP bomber, SIPp, Seagull, Nastysip. SIP packet
generators: SIPNess, NetDude. Monitoring:
Wireshark, Cain & Abel, Vomit, Oreka, VoiPong.
Scripts and tools: SIP-Fun, Skora.net, kphone-ddos,
sip-scan, sip-kill, sip-redirectrtp. Health of different
tools.
Hands on Generating SIP packets, rebuilding
conversations from captured packets, password
cracking.

IPSec, AH, ESP, transport mode, tunnel mode, Pre
Shared Keys, Public keys.
Hands on SIP calls over
IPSec.

SIP relationship with HTTP, Deprecated HTTP 1.0
basic authentication, HTTP 1.1 Digest authentication,
S/MIME, SIPS, SIPS URI, TLS, DTLS, PKI
infrastructures.
Hands on SIP with TLS.

SRTP, features, packet format, default encryption,
default authentication, key distribution. S/MIME,
MIKEY, SDP security descriptions. SIP security
agreements.
Hands on Analysing SRTP packets.

NAT traversal. Impact of firewall on infrastructure
attacks. TLS and firewalls. SIP specific firewalls.

Hands on SIP calls through a firewall.