Question

In: Computer Science

Do some online research about the “friendly-scanner” SIP flood/intrusion attack, then answer the following.
 a. Which...

Do some online research about the “friendly-scanner” SIP flood/intrusion attack, then answer the following.


a. Which port does the attack target?

b. Besides flooding to deny service, how does this attack attempt to break in to a VoIP system?

c. What is an effective defense against this attack?

Solutions

Expert Solution

Hi, I would love to answer you with this question. Hope after the explanation of the answer you will be having a clear idea related to the same . So not wasting much time lets head towards the question.

Ans.(a) The port number 5060 is used by the Voip (Voice over ip) . This is a standard port number which acts as the gateway for the voip and streaming like services.

Ans.(b) SIP flooding ( Session Initiation Protocol) mainly uses to Deny the serivces for the voip gateway or the server resluting in the Denial of Service attack but apart from DDOS attack an attacker can try other methods to evade through the system or al lest try to gather some critical information.

Beside DDOS the eavesdropping or the session highjacking may be used to evade through the system or get some detailed information about the system of the network. Where eavesdropping is an attack to gather some sensitive information to prepare at attack or to gain the target information, which may give some outcom in the form of vulnerabilities and the evasion is done.

Session Hghjacking is mostly done for the web servers but the attacker can still try to capture the session and gain access as the legitimate user.

Ans.(c) Expected mitigations for these type of attacks are:

  • Using Intrusion Detection System - The network prevention systems should be used like the IDS and IPS for the prevention of these type of attacks
  • Network Monitoring - The above sytems will be of no support if the proper monitoring is not present by the network administrator
  • Proper authentication - Every time an user tries to get access to his/her voip server legitimate authetication must be present so as to maintain the integrity
  • Stateless Proxies - Proxies helps Network admin to trick the attacker for the original server ip source and the attacker may be trapped for the same

These are the answers for the above questions , hope you got a clear idea related the same

Please like an answer and do comment for any queries

Thanks and Happy to help :)

HAPPY LEARNING


Related Solutions

Go online and do some focused research on some specific human rights case. There are high...
Go online and do some focused research on some specific human rights case. There are high profile cases (and they do not have to be current) like Elian Gonzalez, Malala, Syrian refugees (a dialog on how to solve this would be welcome). No matter what you choose, be brief in your description of the case (Africa, Asia, US, Europe, Latin America, Mideast), focus on the controversial aspects of the case-- how it was resolved or not, and how it connects...
Please do some research on the internet to learn about EVA (Economic Value Added), which is...
Please do some research on the internet to learn about EVA (Economic Value Added), which is another tool to measure performance. First describe where you believe EVA is different from the Residual Value method. Next please describe a specific situation, where performance measurement is needed. This can either be a real life scenario that you recall from your workplace or having learned about in the news, or a scenario that you are making up. Then pick one tool (EVA, Residual...
Do some research on integrated reporting or non-financial reporting and answer the following (with citations and...
Do some research on integrated reporting or non-financial reporting and answer the following (with citations and sources): If you were considering investing in a company, what non-financial information related to the company would you want to learn about? Why? If you were a majority shareholder in a company, would you be willing to spend a considerable amount of money (which could otherwise be productively invested) to track and report non-financial information? Why?
Do some research and answer the following critical thinking questions from this week’s readings. In your...
Do some research and answer the following critical thinking questions from this week’s readings. In your analysis, cite a minimum of three (3) references from different sources (the textbook can be one source). 1. Advances in technology are making it easier than ever for people to collaborate, even when they are dispersed globally. Discuss how you could manage potential conflict within your team over the fact that not all members will have the same knowledge of the English language. 2....
Virtual Projects Research about virtual projects. Based on your research, answer the following questions: -Which virtual...
Virtual Projects Research about virtual projects. Based on your research, answer the following questions: -Which virtual project problems are unique to the phenomenon of being dispersed and which are common project problems in any project? -Which virtual problems are the most serious for virtual projects? Why? Which virtual problems might be fatal for virtual projects? Why? -What are some potential solutions to virtual team problems? Which solutions would apply to regular project teams also? PS: Please respond in a very...
Thoroughly discuss and answer the following question. Do some research and find out whether Babbage’s Analytical...
Thoroughly discuss and answer the following question. Do some research and find out whether Babbage’s Analytical Engine is a computer according to the von Neumann model. Post a complete answer to the best of your abilities and research and understanding. Reference your sources other than textbook.
Questions 23–33: Heart Attack Survival, revisited Some people who are having a heart attack do not...
Questions 23–33: Heart Attack Survival, revisited Some people who are having a heart attack do not experience chest pain, although most do. A study of people admitted to emergency rooms with heart attacks compared the death rates of people who had chest pains with those of people who did not have chest pains (Brieger et al. 2004). Of the 1,763 people who had heart attacks without chest pain, 229 died, while of the 19,118 people who had heart attacks with...
Do some research online and find 3 cars you are thinking of buying (ranging from low...
Do some research online and find 3 cars you are thinking of buying (ranging from low budget, to mid-budget, to one that is your dream car). Find their prices and how many miles per gallon they get Car A: $26,793 28MPG Car B: $39,735 17MPG Car C: $161,139 13PMG Suppose that you plan on using the car for 100,000 miles . Also let’s assume that all the cars have about the same overall cost of maintenance (just to simplify so...
In regard to horizontal and vertical analysis do some research and answer why these methods are...
In regard to horizontal and vertical analysis do some research and answer why these methods are used. What can be learned from statements?  How can the results be compared to other corporations and why are ratios better than using dollars? Answer Throughly please Copy and paste answer please not attachment
which of the following is an attack in which something that appears as a helpful or...
which of the following is an attack in which something that appears as a helpful or harmless program carries and delivers a paylocal? a-worm b-phish c-evil twin d-trojan horse
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT