Introduction to DoS Attack in SIP Infrastructur. part1

Ada tulisan yang sangat menarik dari dua orang pakar SIP dari tekelec ini. Jiri Kuthan dan Dorgham Sisalem. Tulisannya tentang DENIAL OF SERVICE ATTACKS AND SIP INFRASTRUCTURE(Attack Scenarios and Prevention Mechanisms)

Kemudian hal seperti ini tidak akan terjadi di dunia switching networks.
"Security threats are considered minimal in current circuit switched networks. This is achieved by using a closed networking environment dedicated to a single application (namely voice). "

Intinya :
SIP (Session Initial Protocol) is a protocol proposed standard for initiating, modifying and terminating an interactive user session that involves multimedia elements such as video, voice. It is one of the leading signalling protocols for VoIP.

Denial of Service (DoS) attacks aim at denying or degrading a legitimate user's access to a service or network resource, or at bringing down the servers offering such services.

Distributed Denial of Service DDos is attacking mechanism that developed tools to coordinate distributed attacks from many separate sites,

Whereas, SIP depends much on DNS (Domain Name Service), and this feature could be exploited by attackers to launch a DoS attacking by difficult-resolvable DNS flooding.

Inti yang diserang dibagi menjadi tiga :
1. Memory
2. Bandwith
3. CPU

Cara mereka menyerang adalah melalui tiga hal ini:
1. Message parsing
2. Security check
3. Supporting services (AAA servers, DNS servers)

Pembahasan lebih lanjut dibahas di part selanjutnya