A comparison of traditional telephony security with voip
Download
1 / 14

A Comparison of Traditional Telephony Security with VoIP - PowerPoint PPT Presentation


  • 122 Views
  • Uploaded on

A Comparison of Traditional Telephony Security with VoIP. Roy Ford. Agenda. Into to Telephony (Traditional and VoIP) Security Risks Risk Mitigations Conclusions. The Telephone. PBX. Phone Switch. T1 Trunk. Local Loop. Call Setup. SS7 Network. The Telephone.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'A Comparison of Traditional Telephony Security with VoIP' - demetria-lois


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Agenda
Agenda

  • Into to Telephony (Traditional and VoIP)

  • Security Risks

  • Risk Mitigations

  • Conclusions


The telephone
The Telephone

PBX

Phone Switch

T1 Trunk

Local Loop

Call Setup

SS7 Network


The telephone1
The Telephone

  • Mixture of Analog and Multiplexed digital technology

  • Centralized switches that provide power and establish circuits between phones

  • 2 Types of signaling

    • In-band DTMF signaling at phone

    • Out-of-band signaling between Switch nodes over the SS7 network


VoIP

SIP Servers

Gateway

LAN

Internet

PSTN


VoIP

  • Distributed architecture of Phones, gateways and servers over an IP Network

  • 2 Protocols used to carry voice and signaling

    • Real Time Protocol (RTP) carries voice in UDP packets

    • Session Initialization Protocol (SIP) does call setup


Sip invite
SIP Invite

INVITE sip:bob@biloxi.com SIP/2.0

Via: SIP/2.0/UDP pc33.atlanta.com;branch=z9hG4bK776asdhds

Max-Forwards: 70

To: Bob <sip:bob@biloxi.com>

From: Alice <sip:alice@atlanta.com>;tag=1928301774

Call-ID: a84b4c76e66710@pc33.atlanta.com

CSeq: 314159 INVITE

Contact: <sip:alice@pc33.atlanta.com>

Content-Type: application/sdp

Content-Length: 142



Traditional telephony risks
Traditional Telephony Risks

  • Wire Tapping

  • Toll Fraud

    • Phone Phreaking

    • Call Forward All

  • Caller ID Spoofing & SS7 Security

  • User Identification


Voip risks
VoIP Risks

  • Denial of Service

  • Man in the Middle

  • Caller ID Spoofing and interception of Call Setup Information

  • Toll Fraud

  • User Authentication

  • Device Web Servers

  • VoIP Fuzzing


Voip and firewalls
VoIP and Firewalls

  • VoIP does not like Firewalls

  • Firewall Techniques

    • VoIP Aware firewalls

    • STUN

    • TURN


Risk mitigation traditional
Risk Mitigation - Traditional

  • Physical Security

    • Physical plant & Access Console

    • Wire Tap protection

  • Proper Configuration of Call Forwarding

    • Toll Fraud

  • Caller ID Spoofing


Risk mitigation voip
Risk Mitigation - VoIP

  • Segregation of VoIP Traffic

    • DoS isolation

  • Encryption

    • Man in the Middle protection

  • Server Configuration

    • Toll Fraud

  • User Authentication

  • Device Web Servers

    • Just Say No

  • VoIP Fuzzing


Conclusions
Conclusions

  • Encryption required for VoIP

  • Infrastructure issues with VoIP and Traditional Telephony Similar

  • The phone is an attack vector in VoIP