Preventing DNS and registration poisoning

DNS and registration poisoning are clever attacks, which use your SIP server infrastructure to send unauthorized calls. Actually, the attack is against the authorization process rather than authentication. Once a user has a valid account, it can send unauthorized calls to PSTN. Let's start explaining DNS poisoning, which is simpler. It exploits the possibility in a service provider to make calls to foreign domains. We will describe the following attack steps:

Get a valid account.
Make a legitimate call to PSTN and get the gateway's IP in the Contact header.
Change your DNS server to point a valid fully qualified domain name (FQDN) to the gateway's IP.
Initiate a call to the valid FQDN. In many places such ...

Get Building Telephony Systems with OpenSIPS - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Building Telephony Systems with OpenSIPS - Second Edition by Flavio E. Goncalves, Bogdan-Andrei Iancu

Preventing DNS and registration poisoning

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly