Gesellschaft fr Informatik e.V.

Lecture Notes in Informatics


Testing of Component-Based Systems and Software Quality, Net.Object Days Workshops on Testing of Component-Based Systems (TECOS 2004) and Software Quality (SOQUA 2004), in Erfurt, Germany September 30, 2004. GI 2004 P-58, 165-178 (2004).

GI, Gesellschaft für Informatik, Bonn
2004


Editors

Ksami Beydeda, Volker Gruhn, Johannes Mayer, Ralf Reussner, Franz Schweiggert (eds.)


Copyright © GI, Gesellschaft für Informatik, Bonn

Contents

SIP robustness testing for large-scale use

C. Wieser and M. Laakso

Abstract


The Session Initiation Protocol (SIP) is a signaling protocol for Internet telephony, multimedia conferencing and instant messaging. We describe a method for assessing the robustness of SIP implementation by means of a tool that detects vulnerabilities. We prepared the test material and carried out the tests against a sample set of existing implementations. Many of the implementations available failed to perform in a robust manner under the test. Some failures had information security implications and should hence be considered as vulnerabilities. The results were reported to the respective vendors and, after a grace period, the test suite is now publicly available. By releasing the test material to the public, we hope to contribute to more robust SIP implementations.


Full Text: PDF

GI, Gesellschaft für Informatik, Bonn
ISBN 3-88579-387-3


Last changed 24.01.2012 21:48:29