On the presentation
Last week I had the pleasure of presenting something new at Kamailio World 2016. Great community and excellent feedback!
The presentation went through the following:
- How and why SIPVicious was originally written and published
- Those strange emails and phone calls asking for special version ;-)
- RIPE’s 188.8.131.52/24 experiment and how it was interesting in terms of SIP security
- Sality pushing modified versions of SIPVicious
- Attackers making use of insecure Tandberg systems to install SIPVicious
- SVCrash - why it was published and how it worked
- Security updates from the VoIP and PBX industry
- Rewriting SIPVicious (various fails)
- What happened since then and what I’ve been using during VoIP pentests that involve SIP
- 2016, yet another rewrite on the way
- New features in this latest rewrite attempt and how they show some important security issues
Some parts were sped up due to the limited time that I had for my presentation, but I think the main points were delivered. If you missed the conference, you can watch the video on Youtube.
T-shirts, mugs, hoodies and fluffy pillows
Oh and about those t-shirts - just published the new SIPVicious mascot design, gave away some swag and they ran out within minutes. So I decided to make it available to anyone who needs to have the friendly-scanner punk all to him or herself! Check out the Spreadshirt shop here.
*Note to Finanzamt and any related entities:
I have removed any commission so that I get no financial profit out of this. Zero. Nil. *