Signature Detail

Short Name	VOIP:SIP:SRV-RESP-401
Severity	Info
Recommended	No
Category	VOIP
Keywords	VOIP SIP Voice Over IP Session Initiation Protocol
Release Date	2006/05/24
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SIP: Server Response - Unauthorized (401)

This signature detects attempts to exploit a known vulnerability against Session Initiation Protocol (SIP). Detecting a SIP server response of 401, Unauthorized, can indicate a client can be incorrectly configured or can have requested a feature which requires authorization. This can be a common occurrence in a SIP network, but when combined with other event logs, might be an indication of malicious activity.

Extended Description

None

References

URL: http://www.faqs.org/rfcs/rfc3261.html

Signature Detail

Short Name

Severity

Recommended

Category

Keywords

Release Date

Update Number

Supported Platforms

SIP: Server Response - Unauthorized (401)

Extended Description

References