DOCSLIB.ORG

Denial of Service Detection and Mitigation for SIP Communincation Networks

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Denial of Service Detection and Mitigation for SIP Communincation Networks Denial-of-Service Detection and Mitigation for SIP Communication Networks vorgelegt von Diplom-Informatiker Sven Ehlert Von der Fakult¨atIV - Elektrotechnik und Informatik der Technischen Universit¨atBerlin zur Erlangung des akademischen Grades Doktor der Ingenieurwissenschaften Dr.-Ing. genehmigte Dissertation Promotionsausschuss: Vorsitzender: Prof. Dr. Jean-Pierre Seifert Pr¨uferder Dissertation: 1. Prof. Dr. Thomas Magedanz 2. Prof. Dr. Erwin Rathgeb Tag der wissenschaftlichen Aussprache: 13.10.2009 Berlin 2009 D 83 Abstract The Session Initiation Protocol (SIP) is the multimedia communication pro- tocol of the future. Used for Voice-over-IP (VoIP), Internet Multimedia Subsystem (IMS) and Internet Protocol Television (IPTV), its concepts are based on mature and open standards and its use is increasing rapidly within recent years. However, with its acceptance as a mainstream communica- tion platform, security concerns become ever more important for users and service providers. In this thesis we identify different attacks on SIP-based networks with the focus on Denial-of-Service attacks (DoS) flooding attacks. We evaluate SIP infrastructure for DoS attack possibilities and demonstrate a completely new attack which utilises a combination of the SIP and Domain Name Service (DNS) system. We propose three different DoS detection and mitigation schemes, including one to handle this particular SIP DNS attack. We also provide a first step into Distributed DoS mitigation by introducing a firewall pinholing scheme. Distributed DoS mitigation is only marginally addressed by current research works. We also evaluate the requirements for a self-sufficient and scalable SIP security framework, where attack countermea- sures can be evaluated and tested. We use this framework for our solutions and validate their effectiveness for DoS mitigation. With these solutions, gen- eral SIP networks will be more robust against flooding DoS and Distributed DoS attacks. i ii Deutsche Zusammenfassung F¨ur Multimedia Kommunikation spielt das Session Initiation Protocol (SIP) eine immer wichtigere Rolle. SIP ist ein ausgereifter, offener Standard f¨urIn- ternet Telefonie (Voice-over-IP, VoIP), Internet Multimedia Subsystem (IMS) oder IP-basiertes Fernsehen (IPTV), dessen Verbreitung in den letzten Jahr- en stark angestiegen ist. Mit der breiten Akzeptanz von SIP als etabliertem Internetprotokoll werden Sicherheitsaspekte f¨urAnwender und Serviceanbie- ter immer bedeutender. Diese Dissertation behandelt verschiedene Angriffe auf SIP-basierte Netzwerke mit dem Schwerpunkt Uberlaufangriffe¨ (Denial- of-Service, DoS). Wir evaluieren SIP-Infrastrukturen auf m¨ogliche Angriffs- punkte und stellen zudem einen komplett neuen DoS Angriff auf SIP-Netz- werke vor. Dieser nutzt eine Schwachstelle bei der Zusammenarbeit von SIP mit dem Domain Name Service (DNS) aus. Wir f¨uhrenaußerdem drei verschiedene Sicherheitsmethoden zur Erkennung und teilweisen Ab- schw¨achung von DoS-Angriffen ein, inklusive einer Methode als Gegenmaß- nahme gegen den angef¨uhrtenSIP-DNS Angriff. Weiter pr¨asentieren wir einen ersten Schritt zur Sicherung vor ”Verteilten DoS-Angriffen”. Dieses Thema wurde bislang nur in ersten Ans¨atzenvon der Forschergemeinschaft behandelt. Zus¨atzlich er¨orternwir die Anforderungen an ein autarkes und skalierbares SIP-Sicherheitsframework zum Evaluieren, Testen und Validier- en der vorgeschlagenen Sicherheitsmethoden. Durch die Anwendung dieser Methoden kann in Zukunft ein SIP-Netzwerk besser gegen DoS-Angriffe ab- gesichert werden. iii iv Acknowledgements This thesis was hard work, and definitely not possible without the help of others. In particular: • My supervisors Prof. Dr. Thomas Magedanz and Prof. Dr. Erwin Rathgeb • My girlfriend Trine • My family • My colleagues Dorgham Sisalem, Jens Fiedler and Yacine Rebahi • My students Ge Zhang, Chengjian Wang, Andreea-Ancuta Onofrei, Erkan G¨uler,and Martin Becker You know what you did – a big thanks! v vi Contents 1 Introduction 3 1.1 Motivation . 3 1.1.1 Importance of SIP for Communication Networks . 4 1.1.2 Complexity of SIP Networks . 5 1.1.3 SIP Challenges . 6 1.2 PhD Scope . 6 1.3 Threat Impact and Requirements . 8 1.4 Related Works . 9 1.4.1 General SIP Security Related Work . 9 1.4.2 SIP DoS Related Work . 9 1.5 Methodology . 11 1.6 Major Contribution . 12 1.7 Thesis Structure . 13 2 Background Information 15 2.1 Multimedia Communication with SIP . 15 2.1.1 SIP Entities . 16 2.1.2 SIP Structure . 19 2.1.3 SIP Message Format . 20 2.1.4 Dialogs and Transactions . 22 2.1.5 Protocol Operation . 25 2.1.6 SIP Security Mechanisms . 28 2.1.7 Session Description Protocol . 30 2.1.8 Real-time Transport Protocol . 31 2.1.9 SIP Alternatives . 32 2.2 SIP Network Application . 32 2.2.1 IP-based Telephony Networks . 33 2.2.2 Next Generation Networks . 33 2.3 Denial of Service Attacks . 35 2.3.1 Motivation for DoS Attacks . 35 2.3.2 DoS Targets . 36 vii viii CONTENTS 2.3.3 Distributed Denial of Service Attack . 43 2.3.4 Mitigation Countermeasure Analysis . 47 2.4 Intrusion Detection Systems . 54 2.4.1 General Overview of Intrusion Detection . 54 2.4.2 Intrusion Detection System Types . 55 2.4.3 Detection Strategies . 58 2.5 Relevant Tools . 59 2.5.1 Netfilter / IPtables . 59 2.5.2 SER . 59 2.5.3 PROTOS Suite . 61 2.5.4 SIPp . 61 3 SIP Security Threats with Focus on DoS 63 3.1 General Threats and Related Works . 63 3.2 SIP DoS Introduction . 65 3.3 SIP DoS by Message Payload Tampering . 66 3.3.1 Example: SIP Message Tampering with SQL . 67 3.4 SIP DoS by Message Flow Tampering . 68 3.4.1 REGISTER Attack . 69 3.4.2 INVITE Attack . 71 3.4.3 BYE Attack . 71 3.4.4 CANCEL Attack . 71 3.4.5 UPDATE Attacks . 72 3.4.6 REFER Requests . 73 3.5 SIP DoS by Message Flooding . 73 3.5.1 Exploitable SIP Resources . 75 3.5.2 Overview of SIP Flooding Attack Scenarios . 77 3.5.3 Attack Amplification . 86 3.5.4 SPIT and Denial of Service (DoS) Attacks . 88 4 DoS Protection Requirement Analysis 91 4.1 Requirements for Payload Tampering Protection . 91 4.2 Requirements for Message Flow Tampering Protection . 92 4.3 Requirements for Message Flooding Protection . 93 4.3.1 Possible Countermeasures Against Memory Exploita- tion Attacks . 93 4.3.2 Countermeasures Against CPU Attacks . 95 4.4 Summary of Operational Guidelines . 95 4.5 Requirements for External Monitoring . 97 CONTENTS ix 5 Security Solution Specification 99 5.1 General Protection Framework . 99 5.1.1 Overview . 99 5.1.2 Filter- and Scanner Node (”Filter”) . 100 5.1.3 Analysis Node (”Analyzer”) . 101 5.1.4 Decision Node (”Decider”) . 102 5.1.5 User Interaction . 102 5.2 General SIP DoS Attack Protection . 103 5.2.1 Background: The SIP State model . 103 5.2.2 Solution Approach: Finite Server Transaction State Machines . 104 5.2.3 Attack Detection and Mitigation . 107 5.3 Distributed SIP DoS Attack Protection . 109 5.3.1 Background: Greylisting . 110 5.3.2 Solution Approach: Firewall Pinholing . 110 5.3.3 Pinholing Parameters . 111 5.4 Combined SIP-DNS DoS Attack Protection . 113 5.4.1 Background: Domain Name Service . 114 5.4.2 DNS Usage in SIP Infrastructures . 115 5.4.3 Scope of the Attack . 115 5.4.4 Basic Prevention Possibilities . 117 5.4.5 DNS Implementations with SIP Servers . 118 5.4.6 Solution Approach: Intelligent Unblocking DNS Cache 119 6 Implementation 123 6.1 VoIP Defender Architecture . 123 6.1.1 Filter . 123 6.1.2 Analyzer . 125 6.1.3 Decider . 126 6.1.4 Component Interaction . 127 6.2 The State Machine Module . 128 6.3 The Pinholing Module . 131 6.4 The DNS Cache . 131 7 Validation and Optimisation 133 7.1 VoIP Defender Validation . 133 7.1.1 Test Bed Setup . 133 7.1.2 Round Trip Time Delay . 134 7.1.3 Throughput . 134 7.2 The State Machine . 135 7.2.1 Test Bed . 135 x CONTENTS 7.2.2 Testing Scenario Setup . 136 7.2.3 Results . 138 7.2.4 Latency Time and CPU, Memory Usage . 140 7.3 Pinholing Validation . 141 7.3.1 Operation Evaluation Scenario . 141 7.3.2 Performance Evaluation Scenario . 142 7.4 DNS Cache Validation . 144 7.4.1 Test Bed Setup . 144 7.4.2 Feasibility of the Attack . 146 7.4.3 Evaluation . 146 7.5 Performance Optimisation . 153 7.5.1 Reducing the Number of Rule Updates in the Pinholing Module . 153 7.5.2 Generally Reducing the Number of Generated Firewall Rules . 156 8 Comparison with Other Approaches 169 8.1 Evaluation Criteria for DoS Defence Systems . 169 8.1.1 Algorithm-related Evaluation Criteria . 170 8.1.2 Framework-related Evaluation Criteria . 171 8.2 Survey of SIP DoS Countermeasure Solutions . 172 8.2.1 Iancu03 . 172 8.2.2 Reynolds03 . 173 8.2.3 Wu04 . 174 8.2.4 Geneiatakis05 . 175 8.2.5 Markl05 . 175 8.2.6 Chen06 . 176 8.2.7 Niccolini06 . 176 8.2.8 Sengar06-1 . 177 8.2.9 Sengar06-2 . 178 8.2.10 Nassar06 . 179 8.2.11 Rebahi07 . 180 8.2.12 Ding07 . 180 8.2.13 Nassar07 . 181 8.2.14 Barry07 . ..
Load more

Recommended publications
  • PENGAMANAN PAYLOAD Voip BERBASIS ASTERISK DENGAN PROTOKOL SRTP MENGGUNAKAN TWINKLE
    PENGAMANAN PAYLOAD VoIP BERBASIS ASTERISK DENGAN PROTOKOL SRTP MENGGUNAKAN TWINKLE Oleh: MUHARTANTO E 103091029610 PROGRAM STUDI TEKNIK INFORMATIKA FAKULTAS SAIS DAN TEKNOLOGI UNIVERSITAS ISLAM NEGERI SYARIF HIDAYATULLAH JAKARTA 2010 M/1431 H i PENGAMANAN PAYLOAD VoIP BERBASIS ASTERISK DENGAN PROTOKOL SRTP MENGGUNAKAN TWINKLE Skripsi Diajukan untuk Memenuhi Persyaratan Memperoleh Gelar Sarjana Komputer Pada Fakultas Sains dan Teknologi Universitas Islam Negeri Syarif Hidayatullah Jakarta Oleh: MUHARTANTO E 103091029610 PROGRAM STUDI TEKNIK INFORMATIKA FAKULTAS SAIS DAN TEKNOLOGI UNIVERSITAS ISLAM NEGERI SYARIF HIDAYATULLAH JAKARTA 2010 M/1431 H ii PENGAMANAN PAYLOAD VoIP BERBASIS ASTERISK DENGAN PROTOKOL SRTP MENGGUNAKAN TWINKLE Skripsi Sebagai salah satu syarat untuk memperoleh gelar Sarjana Komputer Fakultas Sains dan Teknologi Universitas Islam Negeri Syarif Hidayatullah Jakarta Oleh: MUHARTANTO E 103091029610 Menyetujui, Pembimbing I, Pembimbing II, Arini, MT Zulfiandri, MMSI NIP. 197601312009012001 NIP. 197001302005011003 Mengetahui, Ketua Program Studi Teknik Informatika Yusuf Durrachman, MIT NIP. 197105222006041002 iii PROGRAM STUDI TEKNIK INFORMATIKA FAKULTAS SAINS DAN TEKONOLOGI UIN SYARIF HIDAYATULLAH JAKARTA Dengan ini menyatakan bahwa skripsi yang ditulis oleh : Nama : Muhartanto E NIM : 103091029610 Fakultas : Sains dan Teknologi Program Studi : Teknik Informatika Judul Skripsi : Pengamanan Payload VoIP Berbasis Asterisk Dengan Protokol SRTP Menggunakan Twinkle. Dapat diterima sebagai syarat kelulusan untuk memperoleh gelar Sarjana Komputer pada Program Studi Teknik Informatika, Fakultas Sains dan Teknologi, Universitas Islam Negeri Syarif Hidayatullah Jakarta. Jakarta, Agustus 2010 Menyetujui, Dosen Pembimbing Dosen Pembimbing I Dosen Pembimbing II Arini, MT Zulfiandri, MMSI NIP. 19760131 200901 2 001 NIP. 19700130 200501 1 003 Mengetahui, Dekan Fakultas Sains & Teknologi Ketua Prodi Teknik Informatika DR. Syopiansyah Jaya Putra, M.Sis Yusuf Durrachman, MIT NIP.
    [Show full text]
  • A Survey of Open Source Products for Building a SIP Communication Platform
    Hindawi Publishing Corporation Advances in Multimedia Volume 2011, Article ID 372591, 21 pages doi:10.1155/2011/372591 Research Article A Survey of Open Source Products for Building a SIP Communication Platform Pavel Segec and Tatiana Kovacikova Department of InfoCom Networks, University of Zilina, Univerzitna 8215/1, 010 26 Zilina, Slovakia Correspondence should be addressed to Tatiana Kovacikova, [email protected] Received 29 July 2011; Revised 31 October 2011; Accepted 15 November 2011 Academic Editor: T. Turletti Copyright © 2011 P. Segec and T. Kovacikova. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. The Session Initiation Protocol (SIP) is a multimedia signalling protocol that has evolved into a widely adopted communication standard. The integration of SIP into existing IP networks has fostered IP networks becoming a convergence platform for both real- time and non-real-time multimedia communications. This converged platform integrates data, voice, video, presence, messaging, and conference services into a single network that offers new communication experiences for users. The open source community has contributed to SIP adoption through the development of open source software for both SIP clients and servers. In this paper, we provide a survey on open SIP systems that can be built using publically available software. We identify SIP features for service deve- lopment and programming, services and applications of a SIP-converged platform, and the most important technologies support- ing SIP functionalities. We propose an advanced converged IP communication platform that uses SIP for service delivery.
    [Show full text]
  • Real-Time Transport of Internet Telephony Service Utilizing Embedded Resource-Constrained Systems Kyle Persohn Marquette University
    Marquette University e-Publications@Marquette Master's Theses (2009 -) Dissertations, Theses, and Professional Projects Real-Time Transport of Internet Telephony Service Utilizing Embedded Resource-Constrained Systems Kyle Persohn Marquette University Recommended Citation Persohn, Kyle, "Real-Time Transport of Internet Telephony Service Utilizing Embedded Resource-Constrained Systems" (2012). Master's Theses (2009 -). Paper 162. http://epublications.marquette.edu/theses_open/162 REAL-TIME TRANSPORT OF INTERNET TELEPHONY SERVICE UTILIZING EMBEDDED RESOURCE-CONSTRAINED SYSTEMS by Kyle Persohn A Thesis Submitted to the Faculty of the Graduate School, Marquette University, in Partial Fulfillment of the Requirements for the Degree of Master of Science Milwaukee, Wisconsin August 2012 ABSTRACT REAL-TIME TRANSPORT OF INTERNET TELEPHONY SERVICE UTILIZING EMBEDDED RESOURCE-CONSTRAINED SYSTEMS Kyle Persohn Marquette University, 2012 This thesis presents a real-time framework for resource-constrained devices that improves the listening quality of Voice over Internet Protocol calls transported over congested networks. Many VoIP standards and implementations exist, but gaps in the design space encourage further exploration that previous work fails to address. We describe an experimental hardware platform that expands upon a previous design to accommodate technical research and educational needs. Our framework, based on the Real-Time Transport Protocol, integrates closely with existing software constructs available in the Embedded Xinu operating system. We offer features derived from RTP by means of a kernel device that alleviates an application from directly interacting with the underlying protocol. An example application based on Xinu's RTP implementation demonstrates measurable robustness to packet loss and delay variation (jitter)|adverse conditions affecting networks used for VoIP, such as the Internet.
    [Show full text]
  • Troopers Ngi19
    Common Flaws in Encrypted VoIP SIP-over-TLS and SDES-sRTP March 2019 TROOPERS Next Generation Internet (NGI) Alexander Traud Background info: Unencrypted Web E-mail VoIP: Signaling Media HTTP IMAP SIP RTP TCP TCP UDP UDP IP IP IP IP 2 Background info: Protocol Stack Add-ons Web E-mail VoIP: Signaling Media HTTP IMAP SIP RTP TLS TLS ??? ??? TCP TCP ??? UDP IP IP IP IP 3 Encrypted VoIP – History of Alternatives a) Virtual-Private Network (VPN) End-to-Access-Edge aka First-Hop Encryption and Authentication b) SDES-sRTP with SIP-over-TLS same as VPN c) DTLS-sRTP End-to-End Encryption d) ZRTP-sRTP End-to-End Encryption and Authentication: youtu.be/AmYGxwcTyQE e) others (Skype, WhatsApp, Signal, Google Voice, …) 4 Background info: Protocol Stack Add-ons Web E-mail VoIP: Signaling Media HTTP IMAP SIP RTP TLS TLS TLS sRTP TCP TCP TCP UDP IP IP IP IP 5 VoIP Client for Mobile Phone - Acrobits Groundwire Android: - Belledonne Linphone - VoIP By Antisip - BroTecs Skylar - CounterPath Bria Mobile Nokia Mobile Phones: - Media5-fone Pro i. Nokia 700: Symbian/S60 - Mocana KeyTone Pro ii. Nokia 208: Series 40 - PortSIP Softphone - Securax Zoiper iii. Nokia 503: Asha Software Platform - Softil BEEHD iv. N900 (Maemo), N9 (MeeGo): sRTP? - Voipswitch Join - Xnet ALL IP Home Linux: Jami, Jitsi, Twinkle Bold: SDES-sRTP and DTLS-sRTP 6 Internet-Access Device (iAD) -Digitalisierungsbox Basic (ZyXEL Sphairon, Bautzen) -Digitalisierungsbox Smart (Teldat bintec-elmeg, Nürnberg) -LANCOM 831A (Aachen) not tested: -DrayTek: only ZRTP? Bold: SDES-sRTP and DTLS-sRTP
    [Show full text]
  • Performance Analysis of Open Source Solutions Using Wireshark Jai Koolwal, Sumalya Pal
    >Final Report 1 Performance analysis of open source solutions using Wireshark Jai Koolwal, Sumalya Pal Electrical and Computer Science Engineering University Of Florida of the soft phones analyzed was mostly available on their websites[10][11][12] : A. Empathy: Abstract— The goal of this project is to form a detailed analysis of Multi This is an instant messaging client which supports text, voice, video, file point video, audio, text and collaboration software like the Ekiga , Empathy, transfers, and inter-application communication over various IM protocols. Twinkle & BigBlueButton and to complete a survey, comparing them on Empathy also provides a collection of re-usable Graphical User Interface widgets issues like robustness in call quality, video quality , for this purpose we shall for developing instant messaging clients for the GNOME desktop. It is written as make use of the WIRESHARK tool (packet sniffer for Linux) and building extension to the Telepathy framework, for connecting to different instant on the data collected we shall have a better comparative understanding messaging networks with a unified user interface. about the performance of these software in different open source environments like UBUNTU 9.10 – JAUNTY BUILD Karmic Koala & Open B. Ekiga : Suse 11.2. Ekiga is truly one of the most wonderful soft phones available in the market today. It supports the SIP as well as the H323 protocol. It was a part of the UBUNTU package but now has been replaced by EMPATHY. KeyWords- Bigbluebutton, Cent OS, Ekiga, Empathy, Fedora, Twinkle, C. BigBlueButton : Ubuntu, Wireshark. The BigBlueButton is a versatile open source project that is built over fourteen open source components to create an integrated web conferencing system that runs on mac, unix or pc computers.
    [Show full text]
  • Skype and the Flux-Capacitor
    Contents Skype and the Skype Overview .................. 4 Flux-Capacitor VoIP Introduction .................. 5 VoIP Signalling Protocols ............. 6 Dr. Ralf Schlatterbeck VoIP: Bunch of Firewall Problems ......... 7 Open Source Consulting Standards for Encrypted Telephony ....... 8 Security with Encrypted Telephony ........ 9 Excursus: Man in the Middle ........... 10 Email: offi[email protected] Existing Implementations ............. 11 Web: http://www.runtux.com Alternatives to Skype ............... 12 Tel. +43/650/621 40 17 History of Publications about Skype ....... 13 © 2010 Dr. Ralf Schlatterbeck Open Source Consulting · www.runtux.com · offi[email protected] 1 © 2010 Dr. Ralf Schlatterbeck Open Source Consulting · www.runtux.com · offi[email protected] 2 Contents Skype Overview Skype Security Considerations .......... 14 • „It just works“: no problems with firewalls Skype Network Obfuscation: Flux Capacitor . 16 • Skype makers known for Spyware-contaminated Excursus: CRC32 ................. 18 filesharing software (KazaA) Skype Network Obfuscation: Compression . 20 • built-in software-update function in Skype Skype and Cryptography ............. 21 • Doesn’t adhere to any standards – no third-party Skype Communication Security .......... 22 offers Debugging Skype ................. 23 • Closed source – Open Source Skype would be Skype Task-Force? ................. 24 nice and this may be within reach now Bibliography ..................... 25 → Whom to entrust with your phone calls? → Encryption: Who owns the keys??? © 2010 Dr. Ralf Schlatterbeck Open Source Consulting · www.runtux.com · offi[email protected] 3 © 2010 Dr. Ralf Schlatterbeck Open Source Consulting · www.runtux.com · offi[email protected] 4 VoIP Introduction VoIP Signalling Protocols • Voice over Internet Protocol (and often also Video) • IAX: Inter Asterisk Exchange: use same path for • Distinction: call signalling and content (voice/video) signalling and content – firewall-friendly • Signalling Protocols e.
    [Show full text]
  • Download Ekiga
    Download ekiga click here to download Download Ekiga Binaries or Source Code. For more information on how to compile, or how to install the binaries for your GNU/Linux Distribution, please refer to. Ekiga (formely known as GnomeMeeting) is an open source SoftPhone, Video Conferencing . www.doorway.ru​Download Ekiga Binaries or · ​Request new password · ​Download Ekiga sources. Ekiga is a free instant messaging application for the later versions of Windows and Linux, developed by Damien Sandras. Ekiga is a Voice over IP and video conferencing application over the internet. It supports both the SIP and H protocols and is fully interoperable with any. Ekiga, free and safe download. Ekiga latest version: PC to PC calling and videoconferencing made easy. Formerly known as GnomeMeeting, Ekiga is an open source for video conferencing and instant messenger application between users on a. Ekiga or Gnome Meeting works as an Open Source soft-phone, video conferencing tool and instant messenger on VoIP technology. With. Ekiga (formely known as GnomeMeeting) is an open source SoftPhone, Video Conferencing and Instant Messenger. Download Ekiga Portable. Ekiga Deutsch: Mit Ekiga können Sie VoIP-Gespräche über das Internet führen. Download Ekiga: Open source VoIP via SIP with video support and instant messaging. It is developed by SiPHome. This title is being offered by Canadian. Ekiga est un outil de messagerie permettant aux utilisateurs de discuter entre eux sur un réseau. Il s'agit d'un logiciel libre conçu par l'éditeur Ekiga et qui. Ekiga download. Aplicação completa para vídeo conferência, VoIP e telefonia IP utilizado no Linux, agora para Windows.
    [Show full text]
  • 20 FREE SIP Softphones Softphone-Roundup
    20 FREE SIP Softphones http://blog.voipsupply.com/free-sip- softphone-roundup Posted by Cory Andrews on November 4th, 2008 in Business VoIP, Open Source VoIP, Small Business VoIP, Technical Advice, VoIP Phones 32 Comments I occasionally run into folks who are looking to deploy softphones versus traditional, desktop-based IP hard phones….and am often asked what softphone technologies are out there that are compatible with SIP based IP PBX platforms such as Asterisk and Trixbox. Below is list of the more popular SIP softphones, all of which are completely free to use. QuteCom Previously known as WengoPhone, Qutecom is a free, SIP compatible VoIP softphone initially developed by Wengo. QuteCom supports a range of VoIP codecs including G.729, G.711, iLBC, G.722 (wideband) and Speex. H.263 for video is also supported. XLite from Counterpath A very popular, free SIP softphone supporting a range of codecs and also offering great support for desktop video conferencing. ZoIPer Features support for both SIP and IAX, and includes free and paid versions of their software. Firefly by FreshTel Free software supporting SIP and IAX, as well as a range of codecs. DIAX Another free, open source softphone supporting both SIP and IAX. This one aint pretty, but has amasses a loyal following amongst hardcore, technical types due to the wide range of tweaking and configuration options it affords. ExpressTalk Offers STUN and SIP support. Damaka Self described “peer to peer” SIP softphone. AdoreSoftphone Supports SIP RFC 3261 compliant stack. MiniPAX Supports g729, g723.1, speex, gsm, and g711. MizuPhone Has extra features like HD video, Remote Desktop over SIP and UltraWideband codec.
    [Show full text]
  • Towson University College of Graduate Studies and Research
    TOWSON UNIVERSITY COLLEGE OF GRADUATE STUDIES AND RESEARCH A SIP SERVER AND USER AGENT WITH SRTP FOR VoIP ON A BARE PC By Andre Alexander A Dissertation Presented to the faculty of Towson University in partial fulfillment of the requirements for the degree Doctor of Science August 2010 Towson University Towson, Maryland 21252 © 2010 By Andre L. Alexander All Rights Reserved II ACKNOWLEDGMENTS Thank you to my advisors Dr. Wijesinha and Dr. Karne for their guidance and support during this journey; they are truly responsible for the successful completion of my dissertation. I am also deeply indebted to Dr. Zimand, Dr. Song and Dr. Kim for supporting this research. I also thank my family and friends for their support and words of wisdom. Finally, to Anna Alexander (my wife), Anaya Alexander (my daughter), Benzette Alexander-Fields (my mother) and Juanita Alexander (my grandmother), I dedicate this degree to you; your constant support, loving words, thoughtful gestures and sacrifices have kept me focused. Thank You! This moment marks the beginning of a wonderful future for the Alexander family and shows that with hard work and faith anything is possible! "Ask and it will be given to you; seek and you will find; knock and the door will be opened to you." Matthew. 7:7 Andre Alexander IV ABSTRACT A SIP SERVER AND USER AGENT WITH SRTP FOR VoIP ON A BARE PC Andre L. Alexander Bare PC applications run on ordinary desktops and laptops without the support of an operating system (OS) or kernel. They provide immunity against attacks targeting an underlying OS, and have been shown to perform better than applications running on conventional systems due to their reduced overhead.
    [Show full text]
  • Mouth-To-Ear Latency in Popular Voip Clients
    Mouth-To-Ear Latency in Popular VoIP Clients Chitra Agastya, Dan Mechanic, and Neha Kothari Department of Computer Science Columbia University, New York, NY 10027 {csa2111, mechanic, nk2338}@columbia.edu July 9, 2009 ABSTRACT headphone jack and the second channel from the mp3 player are Most popular instant messaging clients are now offering Voice- connected to the line-in jack of a MacBook laptop using a 2x over-IP (VoIP) technology. The many options running on similar Mono - 1x Stereo converter. The resulting stereo audio is recorded platforms, implementing common audio codecs and encryption and converted to Sun AU files using Audacity 1.2.5 [12] on a algorithms offers the opportunity to identify what factors affect MacBook laptop via the line-in interface. Fig 3. sows the setup. call quality. We measure call quality objectively based on mouth- Over the course of six weeks (Nov-Dec 2008) we captured 326 to-ear latency. Based on our analysis we determine that the samples of various combinations of platforms, clients, codecs and mouth-to-ear latency can be influenced by operating system encryption options. Additionally, metrics regarding memory usage (process priority and interrupt handling), the VoIP client and OS priority were taken from the caller and callee machines implementation and network quality. during recording. The audio files were then analyzed for latency using the adelay utility developed in the Internet Real-Time 1. INTRODUCTION Laboratory at Columbia University [2]. Figure 3 shows the setup Many IP telephony clients and instant messaging clients are now for testing mouth-to-ear latency on soft VoIP clients.
    [Show full text]
  • Evaluation of Voip Security for Mobile Devices
    Evaluation of VoIP Security for Mobile Devices In the context of IMS PRAJWOL KUMAR NAKARMI KTH Information and Communication Technology Degree project in Communication Systems Second level, 30.0 HEC Stockholm, Sweden KTH Royal Institute of Technology Master's Programme in Security and Mobile Computing - NordSecMob Communication Systems (CoS) Prajwol Kumar Nakarmi [email protected] Evaluation of VoIP Security for Mobile Devices in the context of IMS Master's Thesis Stockholm, June 16, 2011 Host Supervisor: Professor Gerald Q. Maguire Jr.([email protected]) Royal Institute of Technology Home Supervisor: Professor Antti Yl¨a-J¨a¨aski,(antti.yla-jaaski@tkk.fi) Aalto University School of Science Instructor: John Mattsson, ([email protected]) Ericsson Security Research Abstract KTH ROYAL INSTITUTE ABSTRACT OF OF TECHNOLOGY MASTER'S THESIS Communication Systems (CoS) Master's Programme in Security and Mobile Computing - NordSecMob Author: Prajwol Kumar Nakarmi Title of thesis: Evaluation of VoIP Security for Mobile Devices in the context of IMS Date: June 16, 2011 Pages: 12 + 68 Supervisors: Professor Gerald Q. Maguire Jr. Professor Antti Yl¨a-J¨a¨aski Instructor: John Mattsson Market research reports by In-Stat, Gartner, and the Swedish Post and Telecom Agency (PTS) reveal a growing worldwide demand for Voice over IP (VoIP) and smartphones. This trend is expected to continue over the coming years and there is wide scope for mobile VoIP solutions. Nevertheless, with this growth in VoIP adoption come challenges related with quality of service and security. Most consumer VoIP solution, even in PCs, analog telephony adapters, and home gateways, do not yet support media encryption and other forms of security.
    [Show full text]
  • Research Article a Survey of Open Source Products for Building a SIP Communication Platform
    Hindawi Publishing Corporation Advances in Multimedia Volume 2011, Article ID 372591, 21 pages doi:10.1155/2011/372591 Research Article A Survey of Open Source Products for Building a SIP Communication Platform Pavel Segec and Tatiana Kovacikova Department of InfoCom Networks, University of Zilina, Univerzitna 8215/1, 010 26 Zilina, Slovakia Correspondence should be addressed to Tatiana Kovacikova, [email protected] Received 29 July 2011; Revised 31 October 2011; Accepted 15 November 2011 Academic Editor: T. Turletti Copyright © 2011 P. Segec and T. Kovacikova. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. The Session Initiation Protocol (SIP) is a multimedia signalling protocol that has evolved into a widely adopted communication standard. The integration of SIP into existing IP networks has fostered IP networks becoming a convergence platform for both real- time and non-real-time multimedia communications. This converged platform integrates data, voice, video, presence, messaging, and conference services into a single network that offers new communication experiences for users. The open source community has contributed to SIP adoption through the development of open source software for both SIP clients and servers. In this paper, we provide a survey on open SIP systems that can be built using publically available software. We identify SIP features for service deve- lopment and programming, services and applications of a SIP-converged platform, and the most important technologies support- ing SIP functionalities. We propose an advanced converged IP communication platform that uses SIP for service delivery.
    [Show full text]