Análisis de vulnerabilidades para la capa de aplicación en la transmisión VoIP
Abstract
RESUMEN
Este documento describirá el análisis de ciertas vulnerabilidades presentes en la capa de aplicación de la transmisión VoIP empleando un escenario de prueba basado en PBX Elastix y herramientas de Testing VoIP como Backtrack y Wireshark. También propone un procedimiento que reducirá los ataques Man in the Middle o DoS. y Eavesdroping en una red de voz sobre IP integrando TLS en SIP y ARP estático.
Palabras clave: Pentest , SIP, TLS, VoIP, vulnerabilidad.
ABSTRACT
This document describes the analysis of certain vulnerabilities in the application layer of the VoIP transmission using a test scenario with Elastix PBX and testing VoIP tools such as Backtrack. It also proposes a method to reduce the Man in the Middle attacks or DoS. Eavesdroping on a network and Voice over IP and SIP TLS integrating static ARP.
Keywords: Pentest, SIP, TLS, VoIP, vulnerability
Downloads
Metrics
Downloads
Published
How to Cite
Issue
Section
License
Copyright © Autors. Creative Commons Attribution 4.0 License. for any article submitted from 6 June 2017 onwards. For manuscripts submitted before, the CC BY 3.0 License was used.
You are free to:
Share — copy and redistribute the material in any medium or format |
Adapt — remix, transform, and build upon the material for any purpose, even commercially. |
Under the following conditions:
Attribution — You must give appropriate credit, provide a link to the licence, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licenser endorses you or your use. |
No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the licence permits. |