Beware the SIP bot
Dan York has a great post today on the VOIPSA blog about the prospect of remote-controlled Zombie attacks on SIP servers. He lays out a fascinating scenario of companies launching SIP-based attacks on competitors, and he notes the recent release of a VOIP bot for testing automated attacks.
Dan is correct to note that this isn't much of a threat to the enterprise as of yet, as enterprises typically don't accept SIP-based calls from the outside world. But this is changing as enterprises begin to take advantage of SIP-trunking services for PSTN access, as well as SIP-based "click-to-call" features on enterprise web sites.
I think Dan's analysis is spot-on, and it underscores the need for enterprises to be careful to address security of links to SIP-trunking service providers by deploying SIP-based firewalls and intrusion-detection/prevention systems.
Comments