VoIP DOS attack problem

The rapid adoption of Voip and SIP by enterprises and SOHOs has made SIP a target for  hackers. SIP trunk and hosted PBX providers have to have a public IP to offer service to their customers and are exposed to Denial of Service attacks.

The most common thread is a brute force attack against SIP passwords in which the Voip servers are inundated with registration requests to well known ports. The main purpose is to guess a subscriber's SIP password and gain access to the account to use it to make long distance or automated phishing calls to random people. The side effect of this is that the brute force attack creates huge load on the SIP servers that tries to validate authentication of each single request. Most of the time the SIP server becomes unresponsive or crashes affecting legitimate users.

Denial of Service attacks is, nowadays, a main concern to most of ITSPs. Distributed Denial of Service attack ( DDOS ) is even more difficult to fight against and only few expensive commercial solutions are available to coupe with this thread.