RedShift Networks Offers Wide-Ranging Attack Protection Against A Whole Class Of SIP Fuzzing Attacks

Fuzzing or Black Box software attack-based testing discovers development or deployment implementation bugs using malformed/semi-malformed data injection in an automated fashion. Fuzzing style attacks include:

  • Protocol fuzzing that sends forged packets to the target SIP application, or act as proxy modifying packets on the fly and replaying them
  • Random attacks with exhaustive coverage but require infinite time
  • Protocol aware attacks limiting randomness by making each message penetrate deeper

Most common results of fuzzing attacks involve crashes (or Denial of Service), loops or heavy processing or buffer overflows. All allow the perpetrator to gain control over the machine despite the access and encryption control mechanisms. Examples of successful fuzzing attack types include:

  • Anomalous Onputs
  • Fuzzing SIP Grammar
  • Delimiter Errors
  • Malformed Packets
  • Stack Overflow

Fuzzing attacks easily compromise the peer to peer and real-time nature of VoIP, weak endpoints, and complex UC application states. RedShift Networks addresses this gap where it is exceedingly difficult to protect stateless firewalls for VoIP environments. VoIP attackers directly fuzz endpoints and the dynamically fuzzed attacks directly pass through IP PBX and attack endpoints.

RedShift Networks offers users wide-ranging attack protection against a whole class of fuzzing attacks. The Unified Communication Threat Management solution auto learns application states at VoIP/UC layers. This management overlay delivers a visually positive logical fingerprint of runtime execution model and enforcing tight checks at all layers — whether its disallowing non conformant inputs, disallowing malicious inserted states or applying integrity checks at User, Network, Protocol session or Device layer. In addition, RedShift Networks own CONDOR research labs extensively tests new devices, phone calls servers, applications for vulnerability till breaking point. It notifies the vendor of any 0-day vulnerabilities in addition to developing shields for specific exploits and provide automatic rollout as part of its signature update service.