sip security
in [Cisco]
|
Prev: HSRP
Next: Brand new ASA5510 acting very strange...
From: tg on 23 Jun 2010 07:57 cisco 2600 running a sip trunk can sip credentials be 'sniffed' over the internet? One person told me they can, another says it's impossible so I'm confused. The sip password in my router config appears as encypted with a number '7' preceding it. Thanks for any advice.
From: Doug McIntyre on 23 Jun 2010 09:52 "tg" <nospam(a)nospameverever.net> writes: >cisco 2600 running a sip trunk >can sip credentials be 'sniffed' over the internet? One person told me they >can, another says it's impossible so I'm confused. The sip password in my >router config appears as encypted with a number '7' preceding it. Thanks for >any advice. SIP authentication is typically handled with the same algorithm as HTTP MD5 Digest authentication. So the actual credentials are MD5 hash'd, but probably aren't as secure as it could be. The configuration space of the router isn't related to how the protocol communicates over the Internet?? But the router most likely needs to have a reversable hash in configs so it can properly do the HTTP MD5 digest authentication.
From: tg on 23 Jun 2010 15:25 "Doug McIntyre" <merlyn(a)geeks.org> wrote in message news:4c221183$0$637$8046368a(a)newsreader.iphouse.net... > "tg" <nospam(a)nospameverever.net> writes: >>cisco 2600 running a sip trunk > >>can sip credentials be 'sniffed' over the internet? One person told me >>they >>can, another says it's impossible so I'm confused. The sip password in my >>router config appears as encypted with a number '7' preceding it. Thanks >>for >>any advice. > > SIP authentication is typically handled with the same algorithm as > HTTP MD5 Digest authentication. > > So the actual credentials are MD5 hash'd, but probably aren't as > secure as it could be. > > The configuration space of the router isn't related to how the > protocol communicates over the Internet?? > But the router most likely needs to have a reversable hash in configs > so it can properly do the HTTP MD5 digest authentication. > so does that mean it's possible to sniff sip credentials over the internet?
From: Doug McIntyre on 24 Jun 2010 01:11 "tg" <nospam(a)nospameverever.net> writes: >"Doug McIntyre" <merlyn(a)geeks.org> wrote in message >news:4c221183$0$637$8046368a(a)newsreader.iphouse.net... >> "tg" <nospam(a)nospameverever.net> writes: >>>cisco 2600 running a sip trunk >> >>>can sip credentials be 'sniffed' over the internet? One person told me >>>they >>>can, another says it's impossible so I'm confused. The sip password in my >>>router config appears as encypted with a number '7' preceding it. Thanks >>>for >>>any advice. >> >> SIP authentication is typically handled with the same algorithm as >> HTTP MD5 Digest authentication. >> >> So the actual credentials are MD5 hash'd, but probably aren't as >> secure as it could be. >> >> The configuration space of the router isn't related to how the >> protocol communicates over the Internet?? >> But the router most likely needs to have a reversable hash in configs >> so it can properly do the HTTP MD5 digest authentication. >> >so does that mean it's possible to sniff sip credentials over the internet? No. The client sends a MD5 has of the password across the connection. The server sends a "nonce" to hash with the password, to prevent replay attacks.
From: PrzemekD on 24 Jun 2010 06:36
Uzytkownik "tg" <nospam(a)nospameverever.net> napisal w wiadomosci news:4c225fab$0$12155$fa0fcedb(a)news.zen.co.uk... > so does that mean it's possible to sniff sip credentials over the > internet? It's much worse: one could use your router as toll fraud chain... |