By using this function, the home network prevents other networks from determining
the network topology, as well as the number of hops necessary to reach network
resources. This information could be used to launch denial-of-service attacks and even
unauthorized access to network services. The I-CSCF provides protection for the HSS
from unauthorized networks.
Encryption
Encryption is an important function within IMS networks. Without encryption, SIP
headers are readable (in plain text) and can therefore be captured by network sniffers
and other devices. This enables hackers to use the information contained in these headers
to ???clone??? messages for gaining unauthorized access to the network.
I have already given many examples of where encryption can be used to prevent
hackers from stealing identities, and to prevent rogue operators from learning the
network topology of a competitor in an attempt to gain unauthorized access to network
resources (such as the HSS). Encryption is important internally to the network as well
as externally. Hackers have the ability to ???listen??? to traffic within a network and capture
data about subscribers and sessions they can then use for their own access.
One hacking method is to hijack registrations. This is done by copying headers from
legitimate SIP messages, copying the public and private identities, and registering on
behalf of the real subscriber.
Pages:
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322