A hands-on course covering SIP security. It is assumed that delegates already know SIP as this course focuses purely on the security issues in SIP IP telephony networks. Hands-on practicals follow each major theory session and include use of various SIP security tools such as vomit, sipp, sipsak and sivus amongst others.
SIP infrastructure and entities, example SIP session.
Hands on Simple SIP network with and without authentication.
DOS attacks, infrastructure attacks, eavesdropping,
spoofing, replay, message integrity.
Hands on Basic SIP packet capture, infrastructure attacks.
SIP packet creation: Sivus, SIPsak, PROTOS, SFTF,
SIP bomber, SIPp, Seagull, Nastysip. SIP packet
generators: SIPNess, NetDude. Monitoring:
Wireshark, Cain & Abel, Vomit, Oreka, VoiPong.
Scripts and tools: SIP-Fun, Skora.net, kphone-ddos,
sip-scan, sip-kill, sip-redirectrtp. Health of different
Hands on Generating SIP packets, rebuilding conversations from captured packets, password cracking.
IPSec, AH, ESP, transport mode, tunnel mode, Pre
Shared Keys, Public keys.
Hands on SIP calls over IPSec.
SIP relationship with HTTP, Deprecated HTTP 1.0
basic authentication, HTTP 1.1 Digest authentication,
S/MIME, SIPS, SIPS URI, TLS, DTLS, PKI
Hands on SIP with TLS.
SRTP, features, packet format, default encryption,
default authentication, key distribution. S/MIME,
MIKEY, SDP security descriptions. SIP security
Hands on Analysing SRTP packets.
NAT traversal. Impact of firewall on infrastructure
attacks. TLS and firewalls. SIP specific firewalls.
Hands on SIP calls through a firewall.
"Excellent presentation - very good course structure."
"Hard concepts were explained very simply."
This structured course uses Instructor Led Training to provide the best possible learning experience. Small class sizes ensure students benefit from our engaging and interactive style of teaching with delegates encouraged to ask questions throughout the course. Quizzes follow each major section allowing checking of learning. Hands on sessions are used throughout to allow delegates to consolidate their new skills.