The SIP URI scheme is a Uniform Resource Identifier (URI) scheme for the Session Initiation Protocol (SIP) multimedia communications protocol. A SIP address is a URI that addresses a specific telephone extension on a voice over IP system. Such a number could be a private branch exchange or an E.164 telephone number dialled through a specific gateway. The scheme was defined in .
Operation
A SIP address is written in user@domain.tld format in a similar fashion to an email address. An address like:
    sip:1-999-123-4567@voip-provider.example.net
instructs a SIP client to use the NAPTR and SRV schemes to look up the SIP server associated with the DNS name voip-provider.example.net and connect to that server. If those records are not found, but the name is associated with an IP address, the client will directly contact the SIP server at that IP address on port 5060, by default using the UDP transport protocol. It will ask the server (which may be a gateway) to be connected to the destination user at 1-999-123-4567. The gateway may require the user REGISTER using SIP before placing this call. If a destination port is provided as part of the SIP URI, the NAPTR/SRV lookups are not used; rather, the client directly connects to the specified host and port.
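The lookup order described above, written out as an added example (not code from the original article or from any SIP stack). The function name `resolution_plan` and the shape of its return value are assumptions; the SRV service labels and the rule that a numeric host needs no lookup follow standard SIP server location practice, and the 5061/TLS default for sips is the one given in the SIPS section of this page.

```python
import re

# scheme ":" [user "@"] host [":" port] *(";" param) ["?" headers]
SIP_URI = re.compile(
    r"^(?P<scheme>sips?):(?:(?P<user>[^@\s?]+)@)?"
    r"(?P<host>\[[0-9a-f:.]+\]|[a-z0-9.-]+)"
    r"(?::(?P<port>\d{1,5}))?(?P<params>(?:;[^;?]+)*)(?:\?.*)?$",
    re.IGNORECASE,
)

def resolution_plan(uri):
    """Return the parsed URI plus the ordered lookup steps a client would take."""
    m = SIP_URI.match(uri.strip())
    if not m:
        raise ValueError(f"not a SIP/SIPS URI: {uri!r}")
    secure = m["scheme"].lower() == "sips"
    host = m["host"].lower()
    port = int(m["port"]) if m["port"] else None
    if port is not None and not 1 <= port <= 65535:
        raise ValueError(f"port out of range in {uri!r}")
    params = dict((p.split("=", 1) + [""])[:2]
                  for p in m["params"].lower().split(";") if p)
    # sips forces TLS; plain sip defaults to UDP unless ;transport= says otherwise
    transport = "tls" if secure else params.get("transport", "udp")
    default_port = 5061 if secure else 5060
    is_ip = host.startswith("[") or re.fullmatch(r"[\d.]+", host) is not None
    if port is not None:
        # explicit port: NAPTR/SRV lookups are not used
        steps = [f"connect {host}:{port} ({transport})"]
    elif is_ip:
        # numeric host: nothing to look up, use the scheme's default port
        steps = [f"connect {host}:{default_port} ({transport})"]
    else:
        srv = "_sips._tcp" if secure else f"_sip._{transport}"
        steps = [
            f"NAPTR {host}",
            f"SRV {srv}.{host}",
            f"A/AAAA {host} -> connect :{default_port} ({transport})",
        ]
    return {"user": m["user"], "host": host, "port": port,
            "tls_required": secure, "steps": steps}

if __name__ == "__main__":
    for u in ("sip:1-999-123-4567@voip-provider.example.net",
              "sip:1-999-123-4567@voip-provider.example.net:5080",
              "sips:1-999-123-4567@voip-provider.example.net"):
        print(u, resolution_plan(u)["steps"], sep="\n  ")
```

Running the same check over URIs stored in a PBX configuration shows which entries depend on DNS answers and which pin a host and port directly.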
As a SIP address is text, much like an e-mail address, it may contain non-numeric characters. As the client may be a SIP phone or other device with just a numeric, telephone-like keypad, various schemes exist to associate an entirely numeric identifier to a publicly reachable SIP address. These include the iNum Initiative (which issues E.164-formatted numbers, where the corresponding SIP address is the number '@sip.inum.net'), SIP Broker-style services (which associate a numeric *prefix to the SIP domain name) and the e164.org and e164.arpa domain name servers (which convert numbers to addresses one-by-one as DNS reverse-lookups).
SIP addresses may be used directly in configuration files (for instance, in Asterisk (PBX) installations) or specified through the web interface of a voice-over-IP gateway provider (usually as a call forwarding destination or an address book entry). Systems which allow speed dial from a user's address book using a vertical service code may allow a short numeric code (like *75xx) to be translated to a pre-stored alphanumeric SIP address.
Spam and security issues
In theory, the owner of a SIP-capable telephone handset could publish a SIP address from which they could be freely and directly reached worldwide, in much the same way that SMTP e-mail recipients may be contacted from anywhere at almost no cost to the message sender. Anyone with a broadband connection could install a softphone (such as Ekiga) and call any of these SIP addresses for free.
In practice, various forms of network abuse are discouraging creation and publication of openly reachable SIP addresses:
* The spam which has rendered SMTP the "spam mail transport protocol" could potentially make published sip: numbers unusable as the numbers are flooded with VoIP spam, usually automatic announcement devices delivering pre-recorded advertisements. Unlike mailto:, sip: establishes a voice call which interrupts the human recipient in real time with a ringing telephone.
* SIP is vulnerable to Caller ID spoofing as the displayed name and number, much like the return address on e-mail, is supplied by the sender and not authenticated.
* Servers supporting inbound sip: connections are routinely targeted with unauthorised REGISTER attempts with random numeric usernames and passwords, a brute force attack intended to impersonate individual off-premises extensions on the local PBX.
* Servers supporting inbound sip: connections are also targeted with unsolicited attempts to reach outside numbers, usually premium-rate destinations such as caller-pays-airtime mobile exchanges in foreign countries.
In the server logs, this looks like:
    [Oct 23 15:04:02] NOTICE[539] chan_sip.c:21614 handle_request_invite: Call from '' to extension '011972599950423' rejected because extension not found in context 'default'.
    [Oct 23 15:04:04] NOTICE[539] chan_sip.c:21614 handle_request_invite: Call from '' to extension '9011972599950423' rejected because extension not found in context 'default'.
    [Oct 23 15:04:07] NOTICE[539] chan_sip.c:21614 handle_request_invite: Call from '' to extension '7011972599950423' rejected because extension not found in context 'default'.
    [Oct 23 15:04:08] NOTICE[539] chan_sip.c:21614 handle_request_invite: Call from '' to extension '972599950423' rejected because extension not found in context 'default'.
This is an attempt to call a Palestinian mobile telephone (Israel, country code +972) by randomly trying 9- (a common code for an outside line from an office PBX), 011- (the overseas call prefix in the North American Numbering Plan) and 7- (on the off-chance a PBX is using it instead of 9- for an outside line). Security tools such as firewalls or fail2ban must therefore be deployed to prevent unauthorised outside call attempts; many VoIP providers also disable overseas calls to all but countries specifically requested as enabled by the subscriber.
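The prefix-guessing pattern in the log excerpt above can be picked out mechanically before it is handed to a blocking tool. The following is an added example, not part of the original article or of Asterisk or fail2ban; the sample lines are constructed from the four extensions shown above plus two control entries, and the function names and thresholds are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample: the four extensions from the excerpt above plus two controls.
SAMPLE_LOG = "\n".join(
    f"[Oct 23 15:04:{i:02d}] NOTICE[539] chan_sip.c:21614 handle_request_invite: "
    f"Call from '' to extension '{ext}' rejected because extension not found "
    f"in context 'default'."
    for i, ext in enumerate(["011972599950423", "9011972599950423",
                             "7011972599950423", "972599950423",
                             "2001", "18005550100"])
)

REJECTED = re.compile(
    r"handle_request_invite: Call from '(?P<src>[^']*)' to extension "
    r"'(?P<ext>[0-9*#+]+)' rejected because extension not found"
)
# Dial-out prefixes named in the text: 9 or 7 for an outside line, 011 for NANP overseas.
KNOWN_PREFIXES = {"", "9", "7", "011", "9011", "7011"}

def rejected_extensions(log_text):
    """Extensions from every rejected-INVITE notice, in log order."""
    return [m["ext"] for m in REJECTED.finditer(log_text)]

def prefix_probes(log_text, min_variants=3, min_core_len=7):
    """Map each probed number to the dial prefixes tried in front of it."""
    exts = sorted({e for e in rejected_extensions(log_text) if len(e) >= min_core_len},
                  key=lambda e: (len(e), e))
    groups = defaultdict(set)
    for ext in exts:
        for core in exts:  # shortest first, so the bare number wins as the core
            prefix = ext[: len(ext) - len(core)]
            if ext.endswith(core) and prefix in KNOWN_PREFIXES:
                groups[core].add(prefix)
                break
    # One number seen behind several dial-out prefixes is the toll-fraud probe.
    return {core: sorted(p) for core, p in groups.items() if len(p) >= min_variants}

if __name__ == "__main__":
    for number, prefixes in prefix_probes(SAMPLE_LOG).items():
        print(f"probe for {number}: prefixes tried {prefixes}")
```

The short internal extension and the single unrelated number in the sample are not reported, because only one destination is seen behind three or more of the listed prefixes.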
SIPS URI scheme
The SIPS URI scheme adheres to the syntax of the SIP URI, differing only in that the scheme is sips rather than sip. The default Internet port address for SIPS is 5061 unless explicitly specified in the URI.
SIPS allows resources to specify that they should be reached securely. It mandates that each hop over which the request is forwarded up to the target domain must be secured with TLS. The last hop from the proxy of the target domain to the user agent has to be secured according to local policies.
SIPS protects against attackers who try to listen on the signaling link. It does not provide real end-to-end security, since encryption is only hop-by-hop and every single intermediate proxy has to be trusted.
See also
* Federated VoIP and telephone number mapping
* e164.arpa
* Security Descriptions for SDP
* Mikey key exchange method
* ZRTP end-to-end key exchange proposal