Enable Security

TURN servers are meant to relay WebRTC media. To an attacker, they're just proxies.

We wrote up the threats we've been finding since 2017: relay abuse, DoS amplification, and software vulns.

https://www.enablesecurity.com/blog/turn-server-security-threats/

#infosec #webrtc #security #TURN #penetrationtesting #voip

TURN Security Threats: A Hacker's View

TURN servers are powerful proxies abused for internal network access, C2 operations, and DDoS attacks. Threat analysis from real-world research and pentesting.

Enable Security
Feb 12 at 10:56amWeb