Re: Are you ready for SPIT?

Author

All Replies

priller

join:2000-10-20
Gainesville, VA

reply to DrTCP

No ... no .... no .... no.

SIP Authentication is done with an authentication username and authentication realm. This should be implemented by any consumer VoIP service.

Somebody can't just send a SIP INVITE to your TA and make your phone ring. The SIP Proxy and the SIP Agent will only accept SIP messages from each other upon proper authenication.

Could SPIT happen to "open" SIP devices on the net, yes. But, not to a commercial service.

to forum · permalink · 2005-01-17 17:24:29 ·

priller

join:2000-10-20
Gainesville, VA

1 edit

Actually, here's an SIP Proxy sending back an "Unauthorized".

to forum · permalink · 2005-01-17 17:35:18 ·

DrTCP
Yours truly
Premium,ExMod 1999-04
join:1999-11-09
Round Rock, TX

reply to priller

said by priller:

Could SPIT happen to "open" SIP devices on the net, yes.

I took the article was talking about SIP phones that could be IP dialled without going through a provider. So, provider authentication will not apply.

When the SIP phones becomes more common place most people might choose to SIP Phone to SIP Phone communications for some of their calls (along with DynDNS style registration).

to forum · permalink · 2005-01-17 17:55:57 ·

priller

join:2000-10-20
Gainesville, VA

Fair enough. When this has come up before, most people assumed it could happen to their Vonage, SunRocket, etc. accounts.

to forum · permalink · 2005-01-17 19:05:30 ·

jimeez
Heads Are Empty
Premium
join:2002-04-28
Mount Holly Springs, PA

Reviews:

·Vonage

said by priller:

When this has come up before, most people assumed it could happen to their Vonage, SunRocket, etc. accounts.

I know I did.

to forum · permalink · 2005-01-17 20:18:16 ·

VOIP etc > Voice Over IP - VOIP > VOIP Tech Chat > Are you ready for SPIT?

Re: Are you ready for SPIT?