| ||
The Miercom network consulting group released a special VoIP testing report in 2004 that included denial of service testing against a multitude of VoIP PBXs and phones (http://www.miercom.com/?url=products/spreports/). At the time of publication of this book, they were currently in the process of refreshing these results for another 2007 follow-up report. We felt, however, that even though their testing was performed on older versions of VoIP devices, the results are still relevant enough to share. According to Miercom, their initial testing for the 2007 report indicated that most vendor's results have improved, but only slightly.
Miercom rated their measured impact as follows :
High This DoS attack caused the device or component to reset, lose its registration, terminate call(s), or exhibit other disruption of service.
Medium There was some noticeable degradation of service, but service recovered fully once the attack was stopped .
Low There was no noticeable degradation of service because of this DoS attack.
Tables 4-3: and 4-4 excerpt some of their results and the attacks launched.
Device Tested | Version Tested | Fragmented UDP Attack | Normal Directed UDP Flood | TCP Connection Flood |
---|---|---|---|---|
Alcatel OmniPCX Enterprise | R5.1Lx | Low | Low | Low |
Alcatel Media Gateway | R5.1Lx | High | Low | High |
Avaya S8700 Media Server | 2.0 | Low | Low | Low |
Avaya G650 Media Gateway | 2.0 | Low | High | High |
Avaya S8300 Media Server | 2.0 | Low | Low | High |
Avaya G700 Media Gateway | 2.0 | Medium | Medium | Medium |
Avaya IP Office 403 | 2.0 | Medium | High | Medium |
Cisco CallManager MCS 7835H | 3.3(3) | Medium | Low | Low |
Cisco CallManager MCS 7825H | 3.3(3) | Low | Medium | Low |
Cisco 3725 Media Gateway | 12.3(7)T | Low | Medium | Low |
Cisco CallManager Express | 3.1 | High | High | Medium |
Nortel Succession 1000M Signaling Server | 3.0 | High | Low | Low |
Nortel Media Gateway | 3.0 | High | Low | Low |
Nortel Gatekeeper | 3.0 | High | Low | Low |
Pingtel SIPxChange | 2.2 | Medium | No open ports | Medium |
Siemens ICN HiPath 3500 | 4.0 | High | No open ports | High |
Phone Vendor | Version | Fragmented UDP Attack | Normal Directed UDP Flood | TCP Connection Flood |
---|---|---|---|---|
Alcatel 4035 Advanced e -Reflexes | 2.18 | High | High | High |
Avaya 4620 | 2.0 | High | High | High |
Avaya 4612 | 1.7 | High | No open ports | High |
Cisco 7960 | 5.0(3) | High | High | High |
EADS i760 | R3.2A2 | High | No open ports | High |
Polycom IP 500 SIP | 1.0.9 | Medium | No open ports | Medium |
Mitel 5240 | 4.1 | High | No open ports | No open ports |
Nortel i2004 | 1.59 | High | No open ports | No open ports |
Pingtel xPressa | 2.1.11 | Medium | Medium | Medium |
Siemens ICN optiPoint 400 | 3.3.37 | High | No open ports | High |
SWYX SwyxPhone L420 | 1.1.7 | High | High | High |
Polycom IP 500 MGCP | 1.2.4 | High | High | High |