+ All Categories
Home > Documents > Impact of SIP on Network Integrity Adrian. Outline Introduction Who are CPNI? What is SIP and why is...

Impact of SIP on Network Integrity Adrian. Outline Introduction Who are CPNI? What is SIP and why is...

Date post: 29-Jan-2016
Category:
Upload: benedict-hampton
View: 213 times
Download: 0 times
Share this document with a friend
Popular Tags:
12
Impact of SIP on Network Integrity Adrian
Transcript
Page 1: Impact of SIP on Network Integrity Adrian. Outline Introduction Who are CPNI? What is SIP and why is it a problem? What can we do about it?

Impact of SIP on Network Integrity

Adrian

Page 2: Impact of SIP on Network Integrity Adrian. Outline Introduction Who are CPNI? What is SIP and why is it a problem? What can we do about it?

Outline• Introduction• Who are CPNI?• What is SIP and why is it a problem?• What can we do about it?

Page 3: Impact of SIP on Network Integrity Adrian. Outline Introduction Who are CPNI? What is SIP and why is it a problem? What can we do about it?

• Adrian – worked in CPNI for 2 ½ years as a telecommunications security advisor

• Prior to that 29 years with FCO and MOD advising on use of telecommunications

• Technical background, definitely no tact for a diplomatic career!

Introduction

Page 4: Impact of SIP on Network Integrity Adrian. Outline Introduction Who are CPNI? What is SIP and why is it a problem? What can we do about it?

• Centre for the Protection of National Infrastructure

• Government Department• Advice on “Keeping the lights on” for the UK• Concentrate on Critical Infrastructure– Lot of advice valid for all infrastructure

Who are CPNI?

Page 5: Impact of SIP on Network Integrity Adrian. Outline Introduction Who are CPNI? What is SIP and why is it a problem? What can we do about it?

• SIP– Session Initiation Protocol– Used to start (and end) Voice over IP

• SIP is not the whole problem– IP (Internet Protocol) is another part– So is the general “freedom of information”

What is SIP and why is it a problem?

Page 6: Impact of SIP on Network Integrity Adrian. Outline Introduction Who are CPNI? What is SIP and why is it a problem? What can we do about it?

Internet• In the good old

telecommunication days…– Physical Separation– Bespoke and little known

protocols– First (and 2nd) Line of

Defence

• Now…– Internet Protocol– Shared physical path– First lines of defence gone

Page 7: Impact of SIP on Network Integrity Adrian. Outline Introduction Who are CPNI? What is SIP and why is it a problem? What can we do about it?

• “May you have a choice of many standards…”• In good old TDM / SS7 there were two fields

(both numeric)– “Dialled Number” (you), “CLI” (me)

• In SIP there are many, many fields to choose– “From”, “To”, “Contact”, “Allow”, “ID”, “Privacy” …

• In many formats…– SIP URI (User@host), Tel URI (+44 7717 …)

SIP

Page 8: Impact of SIP on Network Integrity Adrian. Outline Introduction Who are CPNI? What is SIP and why is it a problem? What can we do about it?

• Massive amount of Open Source information– SS7; running short of experts.– SIP

And…

Page 9: Impact of SIP on Network Integrity Adrian. Outline Introduction Who are CPNI? What is SIP and why is it a problem? What can we do about it?

• On the one hand– Security reduced by common network protocol

• On the other– Much more complicated signalling– Those of ill intent know as much as the good guys

So – Treble whammy

Page 10: Impact of SIP on Network Integrity Adrian. Outline Introduction Who are CPNI? What is SIP and why is it a problem? What can we do about it?

• SIP Overload Control– DoS – Send spoof control messages

• Telemarketing / Hoax Calls– Spoof CLI, call priority, call divert status…

• Denial of Service (general)– All sorts of options [packet complexity]

• Denial of Service (specific)– Flatten handset battery with spoof invites

Potential Problems

Page 11: Impact of SIP on Network Integrity Adrian. Outline Introduction Who are CPNI? What is SIP and why is it a problem? What can we do about it?

• Can’t do a lot about information sharing– And it’s not all a bad thing

• IP layer– Good housekeeping– Make sure messages come from who you think

they do• SIP Layer– Keep messages “tight”– Validate

What can we do about it?

Page 12: Impact of SIP on Network Integrity Adrian. Outline Introduction Who are CPNI? What is SIP and why is it a problem? What can we do about it?

Questions?


Recommended