Security – Drops of wisdom, knowledge and news from OpenSIPS

OpenSIPS Security Audit, facts and results

Almost an year ago we were boiling the idea of starting a professional security audit over the freshly released OpenSIPS 3.2 . What were the reasons for doing this and how the audit actually took shape, as targets, methodology and deliverables, is described in this original manifest. Of course, nothing would have been possible without … Continue reading OpenSIPS Security Audit, facts and results

News

The OpenSIPS Security Audit is happening

Couple of months ago, after exchanging some ideas we Sandro Gauci from Enable Security, we saw as plausible the project of performing a professional Security Audit (PenTests) for OpenSIPS 3.2, with public results and benefits for the whole project and community. So, we embarked in the quest of making that possible, to put together the … Continue reading The OpenSIPS Security Audit is happening

News, Releases

OpenSIPS 3.2, here it is!

Yes, this is the news - the OpenSIPS major version 3.2, beta release, is out. We build a plan for it, an ambitions plan, trying to cover a lot of items, maybe too many for a single year of work. Still, the community feedback is an essential way to keep us on tracks, when comes … Continue reading OpenSIPS 3.2, here it is!

Events, News, Releases, Training

OpenSIPS calendar for 2021

We all do plans in advance and the most helpful thing here is to know what to expect, what to rely on, what upcoming events are. Well, we want to help all the OpenSIPS'ers and share with you the 2021 calendar for OpenSIPS project, with the most relevant events. OpenSIPS Releases The 3.2 OpenSIPS major … Continue reading OpenSIPS calendar for 2021

News, Technical

Exploring SSL/TLS libraries for OpenSIPS 3.2

For the purpose of providing secure SIP communication over the TLS protocol, OpenSIPS uses the OpenSSL library, the most popular TLS implementation across the Internet. However, integrating OpenSSL with OpenSIPS has posed a series of challenges starting with OpenSSL version 1.1.0, and has caused quite a few bugs and crashes since then, as presented in … Continue reading Exploring SSL/TLS libraries for OpenSIPS 3.2

News, Technical, Tips

The OpenSIPS and OpenSSL journey

In order to provide secure SIP communication over TLS connections, OpenSIPS uses the OpenSSL library, probably the most widely used open-source TLS & SSL library across the Internet. The fact that it is so popular and largely used makes it more robust, therefore a great choice to enforce security in a system! That was the … Continue reading The OpenSIPS and OpenSSL journey