Speak to our team now +44 (0)1737 821590

SIP security for engineers

A 2 day
training course
**Due to the current COVID-19 isolation rules all our courses are being delivered via virtual instructor led learning until further notice**

SIP security training course description

A hands-on course covering SIP security. It is assumed that delegates already know SIP as this course focuses purely on the security issues in SIP IP telephony networks. Hands-on practicals follow each major theory session and include use of various SIP security tools such as vomit, sipp, sipsak and sivus amongst others.

Key outcomes from this course

By the end of the course delegates will be able to:
  • Secure SIP networks
  • Use various SIP security tools

SIP security training course details

Who will benefit:
Technical staff working with SIP.
Technical security staff.
SIP for engineers
2 days

Training approach

This structured training course seeks to build upon workbook learning through the use of group exercises, dynamic discussion and individual tasks in order to deliver an engaging and interactive module that will ensure all candidates are able to transfer their new skills into the workplace.

Overall ratings for this course:

Customer reviews

"Hard concepts were explained very simply."
J. S. Framestore CFC
"Excellent presentation - very good course structure."
B. M. London Internet Exchange

SIP security training course contents

SIP review
SIP infrastructure and entities, example SIP session.
Hands on: Simple SIP network with and without authentication.

SIP security attacks
DOS attacks, infrastructure attacks, eavesdropping, spoofing, replay, message integrity.
Hands on: Basic SIP packet capture, infrastructure attacks.

SIP tools
SIP packet creation: Sivus, SIPsak, PROTOS, SFTF, SIP bomber, SIPp, Seagull, Nastysip. SIP packet generators: SIPNess, NetDude. Monitoring: Wireshark, Cain & Abel, Vomit, Oreka, VoiPong. Scripts and tools: SIP-Fun, Skora.net, kphone-ddos, sip-scan, sip-kill, sip-redirectrtp. Health of different tools.
Hands on: Generating SIP packets, rebuilding conversations from captured packets, password cracking.

VPNs and SIP
IPSec, AH, ESP, transport mode, tunnel mode, Pre Shared Keys, Public keys.
Hands on: SIP calls over IPSec.

Secure SIP signaling
SIP relationship with HTTP, Deprecated HTTP 1.0 basic authentication, HTTP 1.1 Digest authentication, S/MIME, SIPS, SIPS URI, TLS, DTLS, PKI infrastructures.
Hands on: SIP with TLS.

Secure media streams
SRTP, features, packet format, default encryption, default authentication, key distribution. S/MIME, MIKEY, SDP security descriptions. SIP security agreements.
Hands on: Analysing SRTP packets.

NAT traversal. Impact of firewall on infrastructure attacks. TLS and firewalls. SIP specific firewalls.
Hands on: SIP calls through a firewall.

Why Choose Us

SNT trainers score an average of over 90% on the three main areas of:
  • Ability to teach
  • Technical knowledge
  • Answering questions
“Excellently presented by a very knowledgeable and enthusiastic trainer.” P.D. General Dynamics

We limit our maximum class size to 8 delegates; often we have less than this. This ensures optimal interactivity between delegates and instructor.
"Excellent course. The small class size was a great benefit…" M.B. IBM

We write our own courses; courseware does not just consist of slides and our slides are diagrams not bullet point text. A typical chapter provides clearly defined objectives with a chapter overview, slides with text underneath, a quiz at the end to check the learning of the students. Hands on exercises are at the end and are used to reinforce the theory.

See Dates & Prices for this course

To enquire about this course

To reserve this course online