Security Issues of SIP

Asghar, Gulfam, Azmi, Qanit Jawed

January 2010

Voice over IP (VoIP) services based on Session Initiation Protocol (SIP) has gained much attention as compared to other protocols like H.323 or MGCP over the last decade. SIP is the most favorite signaling protocol for the current and future IP telephony services, and it‘s also becoming the real competitor for traditional telephony services. However, the open architecture of SIP results the provided services vulnerable to different types of security threats which are similar in nature to those currently existing on the Internet. For this reason, there is an obvious need to provide some kind of security mechanisms to SIP based VOIP implementations. In this research, we will discuss the security threats to SIP and will highlight the related open issues. Although there are many threats to SIP security but we will focus mainly on the session hijacking and DoS attacks. We will demonstrate these types of attacks by introducing a model/practical test environment. We will also analyze the effect and performance of some the proposed solutions that is the use of Network Address Translation (NAT), IPSec, Virtual Private Networks (VPNs) and Firewalls (IDS/IPS) with the help of a test scenario.

SIP

registration hijecking

message tempering

Dos

Firewall & NAT

Computer Sciences

Datavetenskap (datalogi)

Telecommunications

Telekommunikation

En undersökning i datasäkerhet för hemanvändare : Är det nödvändigt att använda brandvägg? / A study in computer security for home users : Is it necessary to use a firewall?

Johansson, Henrik

January 2006

The emphasize of this study is to evaluate security issues for home users having a personal computer connected to the Internet. It focus on the usage of advantages and disadvantages when using a firewall while connected to the Internet. The hypothesis is that it gives a better protection to install and use a firewall compared not to do so, due to security flaws in the operating system. The prediction was tested on a home user's personal computer. The testwork was divided into two major tests, each of them performed with, respectively without, a firewall. These major tests were divided into five smaller semi­ tests. The first semi­test without a firewall suffered from a virus or worm attack resulting in loss of data and log files. During the other tests no successful intrusion was detected. The conclusion of the study is that usage of a standard configured firewall provides a better protection for home users than not to use a firewall; and it's beneficial to update the operating system and other programs with security updates as soon as possible when they appear.

Security

firewall

vulnerability

home user

updates

Fristående kurs

Computer Sciences

Datavetenskap (datalogi)

Performance Evaluations of Cisco ASA and Linux iptables Firewall Solutions

Xu, Junjie, Su, Wenhui

January 2013

A firewall is an essential component to provide network security and traffic control. It is widely used to prevent illegal accesses to private or corporate networks from external unsafe source like Internet. Firewalls are basically classified into two types, hardware firewalls and software firewalls. Hardware-based is a single external hardware to a system, but software-based is installed on a computer inside a system. Two such firewalls, Cisco ASA 5505 and Linux iptables are implemented and practical evaluated theirs performance. The performance test in this paper work primarily focuses on Network layer, and the main parameters include Throughput, Latency, and Concurrent Sessions. Different performance monitoring tools are also introduced in this paper. As a network layer firewall, the most impressive feature is through inspecting the packets to manage the traffic from the higher Layer 4-7 of OSI (Open Systems Interconnection) model, which inevitably has a certain impact on the performance. The bottleneck of the whole network is determined by what extent the impact is. The primary objective of this thesis is through analyzing the test reports to evaluate the two type firewalls’ performance. Thus the results reported in this paper gives some ideas to new firewall customers about what aspects should be considered before selecting a suitable firewall product.

Firewall

Performance

Cisco

iptables

Computer Engineering

Datorteknik

Other Computer and Information Science

Annan data- och informationsvetenskap

Open source routing software : A comparative study of open source software routers

Jakobson, Fredrik

January 2014

As the performance of PCs is increasing it is of great interest to use these cheap devices as routers,which traditionally consisted of more expensive and customized hardware for that purpose. Thesoftware was also traditionally proprietary and thereby costly, but as the open source communityhas grown there have been development of open source solutions that can perform the task ofacting as a router. However as there are so many solutions out there, it can be hard for the potentialusers to choose which particular solution to use, without having to put in too much work intogetting a fully functional router solution. This study achieved this purpose by benchmarking themost popular open source software routers, in terms of performance and scalability as well asproviding a brief analysis of their basic security features. The routers that were studied wasClearOS, Untangle NG Firewall and IPFire, and after the study was complete IPFire was consideredthe superior with ClearOS as the second and Untangle as third and last.

open source

software routers

ClearOS

Untangle NG Firewall

IPFire

Software Engineering

Programvaruteknik

Computer Engineering

Datorteknik

Koncept zavedení Data Governance / Data governance implementation concept

Ullrichová, Jana

January 2016

This master´s thesis discusses concept of implementation for data governance. The theoretical part of this thesis is about data governance. It explains why data are important for company, describes definitoons of data governance, its history, its components, its principles and processes and fitting in company. Theoretical part is amended with examples of data governance failures and banking specifics. The main goal of this thesis is to create a concept for implementing data governance and its implementation in real company. That is what practical part consists of.

Pokročilé metody zabezpečení sítě proti útokům / Advanced network security methods against attacks

Kusy, Filip

January 2018

This student work focuses on security against network attacks. It focus on network attacks and ways to prevent them. Subsequently, it deals with the Snort variant of the IPS/IDS system. It deal with the connection between Mikrotik and the Snort Linux server

Návrh zabezpečení herního serveru / Game server security design

Marek, Milan

January 2021

This master thesis focus on game server security which is connected directly to the internet. Based on current security and scanning the server with penetration testing tools, I designed complete methodology for fixing security issues and vulnerabilities.

Návrh řešení autentizace uživatelů pro malé a střední počítačové sítě / Design of user authentication for small and medium networks

Hajný, Jan

January 2008

The main focus of this Master’s thesis is user authentication and access control in a computer network. I analyze the TCP/IP model in connection with security and describe main stepping stones of authentication protocols (mainly hash functions). The authentication protocol analysis follows. I begin with LANMAN protocol analysis for the reason of a security comparison. The NTLM, Kerberos and Radius follows. The focus is on the Kerberos which is chosen as a main authentication protocol. This is also a reason why the modification used in MS domains is described. The implementation and functional verification is placed in the second part which is more practical. The virtualization technology is used for an easier manipulation. The result is a computer network model requiring user authentication and minimizing the possibility of an attack by unauthorized clients.

Proxy firewall / Proxy firewall

Kugler, Zdeněk

January 2009

This diploma thesis deals with the topic of proxy servers and firewalls and considers other associated technologies and network techniques. It systematically describes the general issues of firewalls, with a special focus on proxy firewalls and their safety. Additional systems mentioned in this document are intrusion detection systems (IDS), antivirus systems and content control filters – as these are also connected with safety of networks, servers and workstations or with limiting various Internet sources. IDS systems can be typically supplemented with various additional applications or tools that enrich them and increase their potential – including graphic additions. This part is remembered too. Some systems can communicate with each other, which is successfully utilised (FW & IDS co-operation, for example). The purpose of the first large chapter is to present firewall technologies, to list firewall types, their basic functionality and to present the final comparison. It marginally mentions firewall applications in practice. Chapter two explains the theory of network address translation (NAT), deals with its functionality, safety and with limiting the NAT mechanism. Chapter three brings a comprehensive presentation of proxy servers. It explains their principle from the point of view of functionality and the specification of application areas. The chapter is complete with a clear list of proxy server types and their descriptions. The last chapter named Linux Proxy Firewall is the key part of the work. It deals generally with the Linux platform, the Debian GNU/Linux distribution, principles of safety policy, network configuration, network server safety, Linux firewalls (Netfilter framework, Iptables tool) and with the Squid proxy server. The following subchapters respect the previous structure: they describe the theories of intrusion detection systems, antivirus checks and content filtering based on different methods. All this is presented similarly to the previous chapters. A proxy firewall solution built on the Linux operating system has been proposed in the practical part. The Debian GNU/Linux distribution has been chosen, being very suitable for server use due to its features. This environment is also used for additional safety software contained in the proxy firewall: antivirus protection, content filtering and an intrusion detection system. The priority is the most comprehensive computer network security, which requires detection abilities with the broadest possible coverage in the area of network safety. The purpose of this diploma thesis is not only to describe the principle of operation of proxy servers and to compare them with other types and other systems, but it also brings my own proposed free solution, which increases network safety and has the ambition of comparing it with clearly commercial products available on the market.

Bezpečnostní audit firewallu / Firewall security audit

Krajíček, Jiří

January 2010

An aim of master´s thesis is Firewall security audit. Main tasks this work is introduce with principles of application for audit, create methodology and with this methodology make security audit of the selected firewalls. Theoretical part of this document deal with firewalls and possibilities of integration into network infrastructure. And next with audit and principles of application for security audit. Next practical part of this document deal with creation methodology and procedures including penetration testing. With this methodology is created audit of linux firewall and ISA 2006 included tips for change configuration providing more security.