Sipping Your Network presented at ShmooCon 2008

by Humberto J. Abdelnur, Radu State, Olivier Festor,

Tags: Security Fuzzing

Summary : In this talk we will describe briefly a state of the art in current VoIP attacks. This class of attacks may lead to complete takedown of a VoIP network, remote eavesdropping, and even the penetration of an internal network. We well describe the fuzzing techniques inhered by KiF, that allowed us to discover such vulnerabilities. Our tool is: 1) a generic Syntax Fuzzer and 2) the only stateful SIP fuzzer existing as of today, capable to perform advanced syntax, semantic and protocol level fuzzing attacks. We will show SIP attacks and a demonstration of KiF.
Bio - Humberto J. Abdelnu
Humberto is Ph.D. student at INRIA Lorraine, working on security assessment for VoIP services; fuzzing and fingerprinting.
Bio - Radu State
Radu is a Ph.D senior researcher at INRIA Lorraine having as main research activities Network and Service Management and VoIP Security Monitoring and Assessment.
Bio - Olivier Festor
Olivier is a Ph.D research director at INRIA Lorraine, where he leads the MADYNES research team on distributed network, security and service management.