There is Slum-thing about SIP

There is Slum-thing about SIP

I finally watched Slumdog Millionaire. But if you are looking for a review of the movie, this is the wrong place. If you are just looking for a basic tutorial on SIP, this is still the wrong place, maybe try the Wikipedia. But if you are looking for a fun quiz on SIP, this is it. SIP, or Session Initiation Protocol, is a blockbuster in its own right. This is my first blog and I want to keep it simple and fun. Ready for some SIP-fun?

Q1: What is the latest core specification for SIP?

  • A. RFC 3216
  • B. RFC 3261
  • C. RFC 2534
  • D. RFC 3361


A: B. RFC 3261. Originally developed by Henning Schulzrinne and Mark Handley beginning in 1996, RFC 3261 is the core specification for SIP from the IETF group.

Q2: Which of the following is not a key function of SIP?

  • A. QoS (Quality of Service)
  • B. Establish user location (map name information to location information)
  • C. Negotiate media capabilities of the participants
  • D. Changing media capabilities while the session is in progress


A: A. QoS (Quality of Service). Yes, QoS is often mentioned in the same sentence as VoIP and/or SIP. But the protocol itself has nothing to do with providing QoS. RFC 3313 does define a SIP extension that can be used to integrate QoS admission control with call signaling and help guard against denial of service attacks, but its usage is currently limited to certain domains.

Q3. Which of the following is not a kind of security threat in SIP deployments?

  • A. Passive eavesdropping
  • B. Vishing
  • C. Spit
  • D. Man-in-the middle


A: OK, so this was a trick question. These are all potential threats to any SIP deployment.

Passive eavesdropping, or interception, can be done simply by running a tool like Wireshark and gathering call information including audio.

Man-in-the middle attack is when a hacker intercepts calls from one end, and then modifies the data before sending them across. The hacker could also re-route the call maliciously, or just disconnect calls.

Spit, or Spam Over Internet Telephony is just the voice incarnation of the email spam. This is still a newbie threat and has not been a major problem as yet.

Vishing is the VoIP version of phishing. One form of vishing is fabrication, where the attacker impersonates someone to get access to sensitive information.

Q4. Which of the following are necessary for a SIP implementation to be able to provide complete security?

  • A. Using TLS only
  • B. Using SRTP only
  • C. Using TLS with Certificate management
  • D. Using TLS and SRTP with Certificate management

A: D. Using TLS and SRTP with certificate management.

For any SIP implementation to be completely secure, you need all three. Certificates (public and private key based) provide the ability to establish proper identity (so no one can impersonate and tamper with the calls). TLS provides integrity via authentication, so that no hacker can modify information. SRTP is the final piece that provides privacy through encryption, so that no third party can eavesdrop and intercept your calls. Any implementation with just a subset of these three is leaving a big hole in the security wall.

Q5. In Alexander Dumas’ book "The Three Musketeers", two of the musketeers are called Athos and Porthos. What is the name of the third Musketeer?

A: Well, for that you have to go see the movie!