Photo by Quino Al on Unsplash

Check your VoIP networks with SIPVicious and sngrep

Free Line

In the corporate environment, telecommunications are now almost entirely based on VoIP, the key component being the Session Initiation Protocol (SIP), which provides both the underpinnings for calls and a potential attack vector for hackers. The most common pitfalls include insecure passwords, incorrectly configured servers, and blocked ports. In this article, I introduce open source tools such as SIPVicious, sngrep, and Wireshark, which you can use to test and secure your VoIP networks.

Despite email, instant messaging, and other forms of communication, a large part of corporate communication is still reliant on phone calls. The VoIP technology begins with a call. A terminal device is then registered with the SIP server by the REGISTER message. The terminal device sends its SIP ID and access data to the server, which can be a local telephone system or a cloud-based system to which the local terminal devices connect. The connection is then established by the INVITE method.

The SIP server signals the incoming invitation to the target device and uses the Session Description Protocol (SDP) to negotiate the connection parameters, such as the codec and ports for the media stream (transmitted with the Real-Time Transport Protocol, RTP). The data transfer relies on RTP, whereas control tasks are handled by SIP (Figure 1). Finally, the connection is terminated with the BYE command. Problems often arise from blocking by firewalls that filter out SIP or RTP packets, or because of incorrect configurations on the terminal device and on the server side. The tools described in this article can help you troubleshoot these issues.

Buy this article as PDF

Express-Checkout as PDF

Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES

Print Issues

Digital Issues

 

SUBSCRIPTIONS

Print Subs

Digisubs

 

TABLET & SMARTPHONE APPS

US / Canada

UK / Australia