VOIP Security

VOIP Security Issues:

• Interception of calls
• Denial of Service Attacks
• Theft of Service
• Exfiltration of data via media session
• Malware embedded in signaling and media session

Interception of Calls

VOIP phone calls are fairly easy to capture and decode if you one has physical access to a LAN segment that the VOIP packets travel across. Fortunately, with most enterprises using Ethernet switches instead of hubs, there are a limited number of locations this is possible.

Countermeasures

• Physical Security
• Encryption – not yet widely available for VOIP services
• Secure wireless networks

Denial of Service Attacks

Sending spurious traffic to VOIP services or endpoints to disrupt normal service.

Countermeasure

• Some Session Border Controllers have DoS countermeasures built in.

Theft of Service

Countermeasures

• Use Authentication features of VOIP protocols
• Encryption
• Physical security
• Secure wireless networks

Exfiltration of data via media session

Sending data out via the media session. RTP as a covert communication channel.

Countermeasure

• Deep Packet Inspection of all outgoing media streams

Malware embedded in signaling and media session

Malformed SIP and RTP (or other signaling/media streams) with malicious payloads

Countermeasures

• Deep Packet Inspection of all incoming signaling and media streams

VoIP and Unified Communications Security

http://ucsecurity.wordpress.com – All about Cisco UC Security. Your one step guide to building, designing, and maintaining secure Cisco UC solutions.

VoIP Security Forums

• VoIP Security Forum

VoIP Security Training

• VoIP Security Training – VoIP Security Course Providers – Conference, Private, & On-site

See Also:

• ((SecAst (Asterisk Intrusion Detection and Prevention) )) SecAst is an Asterisk specific intrusion detection and prevention package, designed to secure any Asterisk server using a range of techniques. SecAst is available in free and commercial versions.
• Securing Internet Telephony: Encrypting Voice with VoIP-over-VPN Ever wonder who eavesdrops on your VoIP conversations? Unencrypted VoIP compromises information security for companies that handle sensitive information and the carriers that serve them. This PATTON Electronics white paper explains how you can make your Internet Telephony solution completely secure. Find out why VoIP-over-VPN technology is more expedient than emerging CODEC-based approaches such as SRTP and SIP TLS. You’ll also learn how Internet Key Exchange (IKE) simplifies VoIP installation at the same time it strengthens information security
• VOIP Phreaking Presentation at the 22nd Chaos Communication Congress
• Best Practices for VoIP Security Whitepaper
• WebCDR Anti-Fraud – Cloud-based VoIP fraud detection (from $300 a month)
• SIPVicious – a blog covering VoIP security and focuses especially SIP related issues
• Humbug Telecom Labs – Cloud-based VoIP security and telecom fraud detection platform for service providers and enterprises
• http://ucsecurity.wordpress.com – All about Cisco UC Security. Your one step guide to building, designing, and maintaining secure Cisco UC solutions.
• SBO Multipath is a Linux based highly secure solution for Termination business.
• ALLO SIP Threat Manager analyzes each SIP packet going to your phone system using the Deepa packet Inspection Engine, identifies the malicious and abnormal ones blocking the originating IP. The $ 300 worth of unit useful to minimize the VOIP fraud