INVITE Of Death
   HOME

TheInfoList



Click Here for Items Related To - INVITE Of Death
OR:
INVITE Of Death on:   [Wikipedia]   [Google]   [Amazon]

An INVITE of Death is a type of attack on a
VoIP Voice over Internet Protocol (VoIP), also called IP telephony, is a method and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet. The terms Internet t ...
-system that involves sending a malformed or otherwise malicious SIP INVITE request to a
telephony server Telephony ( ) is the field of technology involving the development, application, and deployment of telecommunication services for the purpose of electronic transmission of voice, fax, or data, between distant parties. The history of telephony is i ...
, resulting in a crash of that server. Because telephony is usually a critical application, this damage causes significant disruption to the users and poses tremendous acceptance problems with VoIP. These kinds of attacks do not necessarily affect only SIP-based systems; all implementations with vulnerabilities in the VoIP area are affected. The
DoS attack In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connect ...
can also be transported in other messages than INVITE. For example, in December 2007 there was a report about a vulnerability in the BYE message ("BYE BYE") by using an obsolete header with the name "Also". However, sending INVITE packets is the most popular way of attacking telephony systems. The name is a reference to the
ping of death A ping of death is a type of attack on a computer system that involves sending a malformed or otherwise malicious ping to a computer. A correctly formed ping packet is typically 56 bytes in size, or 64 bytes when the Internet Control ...
attack that caused serious trouble in 1995–1997.


VoIP Servers (INVITE of Death)

The INVITE of Death vulnerability was found on February 16, 2009. The vulnerability allows the attacker to crash the server causing remote Denial of Service (DoS) by sending a single malformed packet. An impersonator can, using a malformed packet, overflow the specific string buffers, add a large number of token characters, and modify fields in an illegal fashion. As a result, a server is tricked into an undefined state, which can lead to call processing delays, unauthorized access, and a complete denial of service. The problem specifically exists in OpenSBC version 1.1.5-25 in the handling of the “Via” field from a maliciously crafted SIP packet. The INVITE of Death packet was also used to find a new vulnerability in the patched OpenSBC server through network dialog minimization. For the popular open source-based Asterisk PBX, there are security advisories that cover not only signaling-related problems, but also problems with other protocols and their resolution. Problems may be malformed SDP attachments where codex numbers are out of the valid range or obsolete headers such as “Also”. The INVITE of Death is specifically a problem for operators that run their servers on the public internet. Because SIP allows the usage of UDP packets, it is easy for an attacker to spoof any source address in the internet and send the INVITE of death from untraceable locations. By sending these kinds of requests periodically, attackers can completely interrupt the telephony service. The only choice for the service provider is to upgrade their systems until the attack does not crash the system anymore.


VoIP phones

A large number of
VoIP Vulnerabilities VoIP is vulnerable to similar types of attacks that Web connection and emails are prone to. VoIP attractiveness, because of its low fixed cost and numerous features, come with some risks that are well known to the developers an are constantly being ...
exist for IP phones. DoS attacks on VoIP phones are less critical than attacks on central devices like IP-PBX, as, usually, only the endpoint is affected.


References


External links


Debian Security Advisory


{{DEFAULTSORT:Invite Of Death Denial-of-service attacks