sip-4----Page:7
1 2 3 4 5 6 7 8 9 10
|
Difficulty of Response Impersonation Huge difference in threat model between request and response identity Request identity: adversary can forge a From header field Requires adversary to control their own device Response identity: Adversary can eavesdrop on traffic to capture transaction/dialog identifiers Adversary can suppress or somehow complement legitimate responses Adversary can reinsert forged responses into any existing persistent transport-layer connections Actually impersonating a legitimate respondant requires a great deal of sophistication |