SIP-based systems, including SIP proxies, SIP phones, and media gateways, are very vulnerable to various types of flood-based attacks. This is especially true of systems using UDP, which are very easy to trick into accepting spoofed packets. Some of these attacks totally disrupt operation of the target, which in the case of a SIP proxy can affect voice service for an entire site. Attacks against SIP phones, while less disruptive, are easy to perform and can be very annoying to users. Countermeasures are available, but must be applied across the entire system to be truly effective.