Brekeke Software Security Advisory: Protect your SIP system from SIP Attack
Published: December 21, 2010
Recently, there have been increased reports of VoIP/SIP attacks and other fraudulent activities. The typical attack tries to make a large number of registrations (10,000 or more) on your server, either resulting in taking down your server with excessive traffic or finding a way to use your server to make free calls.
To avoid these malicious attacks, we recommend the following security measures for your SIP environments that use Brekeke products:
– Update Brekeke products to the latest version available. Download updates from:
– Follow the instructions in section 8 (Security) of the Brekeke SIP Server Administrator’s Guide:
– Create a strong password (at least six characters including a combination of upper/lower-case letters and numbers).
– Choose a strong and unique user name.
– Delete all unnecessary/inactive users (extensions, registered users, etc.).
– Use the Address Filtering feature, referring to the wiki topic below for configuration details:
– Use a firewall in front of Brekeke SIP Server/Brekeke PBX to block unknown remote IP addresses.
– Add a dial plan to reject SIP attacks, using the following wiki topic as a guide:
– If possible, choose a unique prefix number for PSTN (analog) lines.
Here are some additional resources for protecting your SIP system from attacks:
Copyright © 2010 Brekeke Software, Inc. All rights reserved.