First of all you should credit ALL the individuals, companies and sites you rip your information from else its called plagiarism
On Page 12. Word for word you simply copied: http://www.cisco.com/en/US/docs/voice_ip_comm/sip/proxies/2.0/release/notes/stnSolRn.html "Temper the contents and make it work according to attackers usage." What the hell are you talking about... You stated "The Cisco proxy server does not accept calls after 150 cps" I don't know what the hell you were using but Netra's can easily push in upwards of CPS, IBM X's 1000 via udp, 200+ via tcp... On Page 19 you stated "Wiretapping Attacks: These are the generic class of attacks which take place when modification of communication channel is done by an attacker between two parties." ... Really? So when I'm running VoIPong and "nothing" is getting modified yet I'm steady recording a conversation what is this called. An unmodified wiretapping attack. That paper was yet another waste of time for me to read. Instead of copying and pasting to your hearts content and putting together something that makes sense only to you, why don't you first try to understand 1) what the hell you're talking about 2) what the hell you're writing about 3) what the protocol truly does and then - what attacks are possible based on something you truly know - as opposed to something you may think sounds logical. Page 28: "It can be exploited by the attackers to have Denial of service attacks. The mechanism starts from the payload designing. The actual infection starts or is mainly coded in the payload itself by the attackers." What kind of high potent hashish are you smoking? Outside of these ignorant assumptions you make based on what I infer as an overall lack of knowledge on the subject, I could barely skim through the rest of your document since it was mainly terrible english with huge chunks of copied RFC material and ramblings that made zero sense. Nothing worth noting - other than me repeating in my head "this jackass should STFU and learn what he's talking about instead of making an idiot out of himself" And I don't mean to sound harsh - well yea I do, but that's irrelevant. What you're doing is flooding the industry with bullshit documents that those without a clue might read and become even more clueless. Please stop your ramblings. ==================================================== J. Oquendo "Excusatio non petita, accusatio manifesta" http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E sil . infiltrated @ net http://www.infiltrated.net
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
