yass – Yet Another SIP Scanner

For one of my projects, I was having need of a SIP scanner. This SIP scanner should not only use SIP OPTIONS but also use unimplemented SIP messages to scan a network. I’ve checked such a tool on the web but couldn’t find that does both. Then, I decided to use SIPp but had another problem.

Therefore, I wrote my own SIP scanner. In case you need such a tool, you can download it from github.

yass – Yet Another SIP Scanner

Initial version seems working but there could be bugs. Please let me know if you find any.


Being secure depends on whose target list you are in

Companies are demanding more and more security for their systems on nowadays. Depending on the IT budget and awareness of security threats on the management level, they track new vulnerabilities to keep their software up-to-date, hire more information security engineers, inspect every code they wrote from security point of view, buy expensive solutions (firewall, IDS/IPS, DPI, etc.), perform regular penetration tests and etc. At the end, the goal is to keep systems safe from threats.

Individuals have also similar concerns but most of the time they don’t know how to secure their systems. For whom that do, they try their best.

Despite of the expensive and devoted effort to be secure, your overall system security depends on whom you are protecting your systems from. In other words, whose target list you are in.

It is possible to keep script kiddies away from your network only by taking few actions. Keeping your applications and OS up-to-date, using an anti-virus/anti-malware program, and having a little awareness would definitely help.

However, for an organization such as a bank or a global company, it is obvious that the company is a potential target of world wide hackers or hacker groups. At that point protecting your network in the same way with protecting it from script kiddies would certainly not work. Now you have to invest more and buy firewall, IDS/IPS solutions,  use authentication servers and methodologies, hire information security personnel, preform penetration tests in regular basis, manage tunnels between each unit of your company in different location and etc.

This may seem pretty much everything that one can do to protect the information. However it is not. There are lots of other attack types that an infosec personnel of a bank would have probably never heard of, such as side channel attacks with power analysis or TEMPEST. Yet, it may be acceptable for a bank infosec personnel not to worry about TEMPEST so much since it is usually an attack type that requires a lot of research and very expensive devices which could only be provided by a government.

When you move in the world of government security you should consider regulations and standards (such as FIPS) to cover your security. With the great amount of budget, governments can perform extensive types of attacks which are only limited by the imagination and creativity of their personnel. Therefore, counter-unit should also have the same skill set.

Long story short, to defend your network, you have to define your enemy well at first place.