SIP Security Attacks - DOS Buffer Overflow - ASN.1-Abstract Syntax Notation One

See animation for visual explanation of SIP DOS-Denial Of Service attack.
sip-security-asn-overflow.swf
This is an example how an attack could occur. The attacker can alter the encoding lengths causing a buffer overflow-overrun at the endpoint. According to Cisco, "The attackers can try to use PER encoding coupled with the ASN.1 representation to encode excessive recursive fields and lead to huge processing and memory overhead at the endpoint."

While it is beyond the scope of this tutorial to explore all types of VoIP security violations and attacks, attackers can try to compromise H.225 protocol implementations. That is, since H.225 messages are ASN.1 PER-Packed Encoding Rules encoded (or compact binary encoding on limited bandwidth networks), the attacker can alter the encoding lengths causing a buffer overflow-overrun at the endpoint. ASN.1-Abstract Syntax Notation One is a notation system for describing data structures. ASN.1 while like programming language is in fact, not a programming language. ASN.1 is a flexible notation that allows programmers to define a variety of data types. ASN.1 is a set of encoding rules used to transform data into a standard format that can be decoded on any system that has a decoder based on the same set of rules.

This presentation is also included in online/onsite courses SIP Planning Guide and for OCS-101 Office Communications Server per person (volume and site license discounts available). For more information, go to:
http://www.techtionary.com/sip/planning-guide/

Discounts are also available to members of the SIP Forum and MS Partners. For customizing, special discounts, website animations, technical/sales training, technical writing and other services, go to http://www.techtionary.com or please call Tom Cross at 303-594-1694 or cross@gocross.com.