Menu Close

SiVuS – VoIP vulnerability scanner

web: http://www.vopsecurity.org

Download: need to be registered

Licence: free

Description: SiVuS is the first publicly available vulnerability scanner for VoIP networks that use the SIP protocol. It provides powerful features to assess the security and robustness of VoIP implementations and it is used by VoIP product vendors, security consultants, network architects, researchers and students. We encourage our community to provide us with feedback so we can enhance the current implementation and support the efforts to strengthen the security of VoIP networks.

Sivus does not support MGCP and H.323 scanning.

 

Usage

1. SIP Components discovery

In the field "Target network" put the IP range which will be scanned, than press SCAN button.

The format in the target network field should be:

  • 192.168.1.3 – a single IP address to scan.
  • 192.168.1.3,192.168.1.4,192.168.5.10 – scan three IP addresses (note that each address is separated by a comma)
  • 192.168.1.1-255 – scan the entire C-class
  • 192.168.1.13-15 – scan hosts between 13 and 15 inclusively
  • 192.168.2-10.1-5 – scan the B class between subnets 2 and 10 and hosts 1 through 5

We may choose three transport protocol types to scan open ports usuallu uesd by SIP and it is UDP, TCP, TLS.

 

The result of the scan is described inside central window:

2. Vulnerability scanning

 Select host or hosts and click on Export to send IP address of the host into SCanner Control Panel. Then choose SIP scanner tabs and next Scanner configuration. Set up scanning options.

Part "User information configuration" can be used setup user informations used inside SIP messages during scanning. The SIVUS guide recommends that a test user is defined as the recipient of these messages (calls) in order to minimize user annoyance in a production network.

Rate this post

1 Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.