Hi Fred, nice paper btw, what about H.323?
Regards /JA https://www.securinfos.info ----- Original Message ----- From: "Frederic Charpentier" <[EMAIL PROTECTED]> Cc: <full-disclosure@lists.grok.org.uk> Sent: Thursday, March 23, 2006 3:43 PM Subject: [Full-disclosure] VoIP Security whitepaper : a layered approach > Hi FD, > Our team is pleased to release a whitepaper about VoIP. > This whitepaper propose a security analysis of the Voice Over IP > protocols with a layered approach. > > Link : > http://www.xmcopartners.com/whitepapers/voip-security-layered-approach.pdf > > Chapters : > 1 VOICE OVER IP SECURITY > 1.1 A GENERAL OVERVIEW OF VOICE OVER IP > 1.2 VOICE OVER IP PARTICULARITIES > 1.3 VOICE OVER IP ARCHITECTURES > 1.4 VOICE OVER IP THREATS > 1.4.1 Signaling Protocols Layer > 1.4.1.1 SIP based Denials of Service > 1.4.1.2 SIP based Man in the Middle/Call Hijacking > 1.4.1.3 Possible solutions for SIP based attacks > 1.4.2 Transport Protocols Layer > 1.4.2.1 Eavesdropping > 1.4.2.2 RTP Insertion attacks > 1.4.2.3 RTCP insertion attacks > 1.4.2.4 Possible solutions for RTP based attacks > 1.4.3 Application Layer > 1.5 FUTURE THREATS TO VOICE OVER IP SECURITY > 2 CONCLUSIONS > > > -- > Xmco Partners > Security Consulting / Pentest > web : http://www.xmcopartners.com/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
