Anyone that has worked in telecom long enough has been hit by a SIP scanner at some point in time.

For people in NOC / Support teams, they often have a customer open a ticket where the call goes like this:

Caller : “My phone is randomly ringing and will not stop.”

Tech Support : “Let me look at the logs.”

Tech Support reviews the logs, while the customer enjoys hold music that isn’t even fit for an elevator. 

10 minutes later

Tech Support : “I’m happy to report that we are not sending any calls to your device during that time. Your ticket number is 222444555, have a great day”

A few days later the caller is back on the phone. They are furious as the issue is still happening. The support team doesn’t see the call in the logs, as it didn’t traverse through the VoIP providers core.

Thankfully for those with Polycom phones, you can make a change to the device’s XML file to block unsolicited INVITES.

All you need is this:

< voIpProt.SIP.requestValidation.1.request=”INVITE” voIpProt.SIP.requestValidation.1.method=”source”/>

Once applied, if the phone receives an INVITE from a device other than the IP of reg.1.server.address, it will reject the request with a SIP 400 BAD REQUEST.

Now instead of the user experiencing a phone that rings non-stop, they see and hear nothing.

Bad Guy – Blocked!

 

Research: I tested this with a VVX 500 (5.2 software)  and a SIP testing tool know as SIPP. I sent over 50 calls per second to the device while it was on an active call. During the active call I did not experience any audio issues.

When the call was disconnected, I did experience a phone that acted “slower” than normal to return to the home screen. Going off hook also introduced about a 1 second delay before presenting dial tone.