Results 1 to 1 of 1

Thread: INVITE of Death

Threaded View

  1. #1
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002

    INVITE of Death

    Pretty cool name, huh? If you're going to create a new VoIP or unified communications attack, you want to have one with panache and it is hard to get a name with more impact than the 'INVITE of Death'.

    That said, the attack itself is not nearly as impressive as the name. SIP is one of the prevalent protocols for VoIP and unified communications. The INVITE request is a function of SIP (Session Initiation Protocol). When a call is placed, the INVITE request is sent to the device being contacted. The receiving device can respond that it is TRYING, or that it is RINGING, or with OK and establish the communications session as a few examples.

    The INVITE of Death attack is simply a denial-of-service (DoS) attack and it only works against one particular open source product- OpenSBC. Directing a malformed INVITE request to a vulnerable OpenSBC server will cause the OpenSBC server to crash.

    Last edited by nihil; March 19th, 2009 at 11:56 AM. Reason: Link removed

Similar Threads

  1. Terrorism
    By Tedob1 in forum Cosmos
    Replies: 9
    Last Post: May 7th, 2006, 05:06 AM
  2. Ping of Death
    By moxnix in forum Web Security
    Replies: 12
    Last Post: October 23rd, 2004, 05:03 PM
  3. Evil Mutant Attack Squirrel Of Death
    By moxnix in forum Tech Humor
    Replies: 10
    Last Post: October 21st, 2004, 09:50 PM
  4. mailboxes are exploding! why, you ask?
    By blackh0le in forum AntiOnline's General Chit Chat
    Replies: 14
    Last Post: May 12th, 2002, 11:42 PM
  5. The Death Penalty
    By Remote_Access_ in forum Non-Security Archives
    Replies: 48
    Last Post: January 29th, 2002, 03:39 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.