![]() This leaves all other fields such From, To unprotected. SIP authentication only protects three fields of those protected SIP messages: request-URI, username, and realm. This allows the adversary to freely modify and forge those unprotected SIP messages (e.g., ACK, CANCEL, OPTION) without being detected. SIP authentication only applies to three SIP request messages INVITE, BYE, and REGISTER, and leaves other SIP messages unprotected. However, SIP authentication does not provide full integrity protection of SIP messages.
0 Comments
Leave a Reply. |