1 / 11

A Listener Among the Static:

A Listener Among the Static:. Security and Voice over IP. Christian Prescott Gabriel Fair. Contents. About VOIP Security Threats Solutions. About VOIP. VoIP protocols have been in development since the early 1990s and have developed with technology to become more secure

Download Presentation

A Listener Among the Static:

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. A Listener Among the Static: Security and Voice over IP Christian Prescott Gabriel Fair

  2. Contents About VOIP Security Threats Solutions

  3. About VOIP VoIP protocols have been in development since the early 1990s and have developed with technology to become more secure H.323 remains in use in many corporate VOIP networks Session Initiation Protocol is a widely implemented standard used in VoIP communications to setup and tear down phone calls Many consumer VoIP solutions do not support encryption, although having a secure phone is much easier to implement with VoIP than traditional phone lines, it still takes time, maintenance and money. As a result, it is relatively easy to eavesdrop on VoIP calls and even change content of the call

  4. Threats VoIP deployments are vulnerable to the same internal and external threats that plague any enterprise data local area network (LAN) or Wide Area Network (WAN). Also vulnerable to all of the same threats as a standard phone line.

  5. Threats • Eavesdropping • Authentication • Security of logs • Weak points in network architecture

  6. VoIP has strict performance requirements that make it very susceptible to DoS attacks • Automated Telephony Denial of Service (TDoS) • Socially Organized TDoS • Social Engineering & Financial Fraud • Toll Fraud Threats

  7. VoIP is cheaper than PSTN and is now available anywhere with internet • Caller ID can be easily spoofed and controlled • Asterisk, the popular open source VoIP for PBXs is widely used and free • VoIP in a box enables criminals to move operations to anywhere, even the local coffee shop or library How VoIP makes Phising Easier

  8. Questions?

  9. Thermos, Peter. "Examining Two Well-Known Attacks on VoIP." Web log post. CircleID. N.p., 5 Apr. 2006. Web. 4 Dec. 2012. <http://www.circleid.com/posts/examining_two_well_known_attacks_on_voip1/>. United States of America. U.S. Department of Commerce. National Institute of Standards and Technology. Security Considerations for Voice over IP Systems. By D. R. Kuhn, Thomas J. Walsh, and Steffen Fries. N.p.: n.p., n.d. Print. Weiss, Eric. Security Concerns with VOIP. Tech. N.p.: SANS Institute Infosec Reading Room, 2001. Print. Resources

More Related