
How to Cheat at VoIP Security
- 1st Edition - May 14, 2007
- Imprint: Syngress
- Authors: Thomas Porter CISSP CCNP CCDA CCS, Michael Gough
- Language: English
- eBook ISBN: 978-0-08-055353-5
The Perfect Reference for the Multitasked SysAdmin
This is the perfect guide if VoIP engineering is not your specialty. It is the perfect introduction to VoIP security, covering exploit tools and how they can be used against VoIP (Voice over IP) systems. It gives the basics of attack methodologies used against the SIP and H.323 protocols as well as VoIP network infrastructure.
* VoIP Isn’t Just Another Data Protocol
IP telephony uses the Internet architecture, similar to any other data application. However, from a security administrator’s point of view, VoIP is different. Understand why.
* What Functionality Is Gained, Degraded, or Enhanced on a VoIP Network?
Find out the issues associated with quality of service, emergency 911 service, and the major benefits of VoIP.
* The Security Considerations of Voice Messaging
Learn about the types of security attacks you need to protect against within your voice messaging system.
* Understand the VoIP Communication Architectures
Understand what the PSTN is and what it does, as well as the H.323 protocol specification and SIP functions and features.
* The Support Protocols of VoIP Environments
Learn the services, features, and security implications of DNS, TFTP, HTTP, SNMP, DHCP, RSVP, SDP, and SKINNY.
* Securing the Whole VoIP Infrastructure
Learn about Denial-of-Service attacks, VoIP service disruption, call hijacking and interception, H.323-specific attacks, and SIP-specific attacks.
* Authorized Access Begins with Authentication
Learn the methods of verifying both the user identity and the device identity in order to secure a VoIP network.
* Understand Skype Security
Skype does not log a history like other VoIP solutions; understand the implications of conducting business over a Skype connection.
* Get the Basics of a VoIP Security Policy
Use a sample VoIP Security Policy to understand the components of a complete policy.
- Provides system administrators with hundreds of tips, tricks, and scripts to complete administration tasks more quickly and efficiently
- Short on theory, history, and technical data that ultimately is not helpful in performing their jobs
- Avoid the time drains associated with securing VoIP
System Administrators; Security Professionals
- Lead Author and Technical Editor
- Chapter 1: Introduction to VoIP Security
- Introduction
- The Switch Leaves the Basement
- What Is VoIP?
- VoIP Isn’t Just Another Data Protocol
- Security Issues in Converged Networks
- A New Security Model
- Summary
- Chapter 2: The Hardware Infrastructure
- Introduction
- Traditional PBX Systems
- PBX Alternatives
- VoIP Telephony and Infrastructure
- Summary
- Chapter 3: Architectures
- Introduction
- PSTN: What Is It, and How Does It Work?
- PSTN Call Flow
- PSTN Protocol Security
- The H.323 Protocol Specification
- The Primary H.323 VoIP-Related Protocols
- H.235 Security Mechanisms
- Understanding SIP
- SIP Functions and Features
- SIP Architecture
- Instant Messaging and SIMPLE
- Summary
- Chapter 4: Support Protocols
- Introduction
- DNS
- TFTP
- HTTP
- SNMP
- DHCP
- RSVP
- SDP
- Skinny
- Summary
- Chapter 5: Threats to VoIP Communications Systems
- Introduction
- Denial-of-Service or VoIP Service Disruption
- Call Hijacking and Interception
- H.323-Specific Attacks
- SIP-Specific Attacks
- Summary
- Chapter 6: Confirm User Identity
- Introduction
- 802.1x and 802.11i (WPA2)
- 802.1x/EAP Authentication
- Public Key Infrastructure
- Minor Authentication Methods
- Summary
- Chapter 7: Active Security Monitoring
- Introduction
- Network Intrusion Detection Systems
- NIDS Defined
- Components
- Types
- Placement
- Important NIDS Features
- Maintenance
- Alerting
- Logging
- Extensibility
- Response
- Limitations
- Honeypots and Honeynets
- Host-Based Intrusion Detection Systems
- Logging
- Syslog
- SNMP
- What Is a Penetration/Vulnerability Test?
- Methodology
- Discovery
- Scanning
- Vulnerability Assessment
- Exploitation
- Reporting
- Summary
- Chapter 8: Logically Segregate Network Traffic
- Introduction
- VLANs
- QoS and Traffic Shaping
- NAT and IP Addressing
- Firewalls
- Access Control Lists
- Summary
- Chapter 9: IETF Encryption Solutions for VoIP
- Introduction
- Suites from the IETF
- S/MIME: Message Authentication
- TLS: Key Exchange and Signaling Packet Security
- SRTP: Voice/Video Packet Security
- Summary
- Chapter 10: Skype Security
- Security
- Chapter 11: Skype Firewall and Network Setup
- A Word about Network Address Translation and Firewalls
- What You Need to Know about Configuring Your Network Devices
- Ports Required for Skype
- Using Proxy Servers and Skype
- How to Block Skype in the Enterprise
- Appendix A: Validate Existing Security Infrastructure
- Introduction
- Security Policies and Processes
- Physical Security
- Server Hardening
- Supporting Services
- Unified Network Management
- Summary
- Appendix B: The IP Multimedia Subsystem: True Converged Communications
- Introduction
- IMS Security Architecture
- IMS Security Issues
- Early IMS Security Issues
- Summary
- Appendix C: Regulatory Compliance
- Introduction
- SOX: Sarbanes-Oxley Act
- GLBA: Gramm-Leach-Bliley Act
- HIPAA: Health Insurance Portability and Accountability Act
- CALEA: Communications Assistance for Law Enforcement Act
- E911: Enhanced 911 and Related Regulations
- EU and EU Member States’ eCommunications Regulations
- Summary
- Index
Thomas Porter CISSP CCNP CCDA CCS
Thomas Porter, Ph.D. (CISSP, CCNP, CCDA, CCSE/SA, ACE, IAM) served as the first Chief Information Security Officer (CISO) at Avaya, and is currently the Lead Security Architect for Business Communication Consulting and Director of IT Security for the FIFA 2006 World Cup in Germany. He is a past member of the IP Security Protocol Working Group, and the Executive Telecommunications Board of the State University of New York. He is currently a member of the IEEE, and OASIS (Organization for the Advancement of Structured Information Standards).
Affiliations and expertise
Director of IT Security, FIFA 2006 World Cup
Michael Gough
Michael Gough is host and webmaster of www.SkypeTips.com, which was launched in January 2005 and receives more than 100,000 hits per month, and www.VideoCallTips.com, which receives more than 30,000 hits per month. Michael writes articles on Skype and related issues. He also explains Skype’s options and instructions to users so that they can practically apply Skype at home and in the workplace. Michael also evaluates products used with Skype and provides feedback to the vendors on features and improvements to help drive the direction of Skype-related products. Michael is also the host and webmaster for www.VideoCallTips.com, a Web site focused on helping people understand how to make video calls to family and friends, and maintains ratings of the many video call solutions available.
Michael’s full-time employment is as a computer security consultant with 18 years’ experience in the computer technology field. Michael works for a Fortune 500 company, where he delivers security consulting services to their clients. Michael also presents for his company at many trade shows and conferences and works with associations and groups, advising agencies like the FBI on Skype security and the Center for Internet Security on wireless security.
Affiliations and expertise
Computer security consultant, host and webmaster, www.SkypeTips.com and www.VideoCallTips.com