Commercial VoIP Fuzzing Tools

In just the last couple of years alone, the commercial fuzzing market has seen a surge of products. Some of these existing and new products include

• Codenomicon Test Tools (http://www.codenomicon.com)

• Musecurity's Mu-4000 (http://www.musecurity.com)

• Beyond Security's BeStorm (http://www.beyondsecurity.com)

• Gleg.net's ProtoVer Professional (http://www.gleg.net/)

• Security Innovation's Hydra (http://www.securityinnovation.com)

• Sipera Systems' LAVA (http://www.sipera.com)

Many of the commercial tools can get rather pricy, costing in the thousands of dollars to purchase. Many of them provide support for protocols other than VoIP, but require you to license each suite for an additional price. As a simple exercise, we compared the PROTOS test tool we demonstrated earlier against the commercial Codenomicon test tool (same creators ), as shown in Figure 11-4.

Figure 11-4: The Codenomicon SIP test tool

The PROTOS test tool has about 4,500 test cases and only includes INVITE message fuzzing. The Codenomicon SIP test tool has over 35,000 test cases and also covers OPTIONS and REGISTER messages, including a graphical front-end. If you are in the market for a commercial fuzzer, you should trial all of them against your target application to see which fuzzer achieves the most code coverage. Check out the book Fuzzing by Michael Sutton, Adam Greene, and Pedram Amini (Addison Wesley, 2007) for details on how to go about measuring code coverage.