VoIP 2 Is free too Expensive? by Darren Bilby and Nick von Dadelszen
Different Types of VoIP <ul><li>There are many different implementations of IP telephony: </li></ul><ul><ul><li>Skype </li...
VoIP Technology <ul><li>Each type of VoIP uses different technology: </li></ul><ul><ul><li>Skype – Proprietary </li></ul><...
Attacks Against VoIP <ul><li>Multiple attack avenues: </li></ul><ul><ul><li>Standard traffic capture attacks </li></ul></u...
Consequences of Attacks <ul><li>Eavesdropping and recording phone calls </li></ul><ul><li>Active modification of phone cal...
Capturing VoIP Data <ul><li>Ethereal has built-in support for some VoIP protocols </li></ul><ul><li>Has the ability to cap...
 
 
 
Audio Capture
VoIP Security Solutions <ul><li>You must protect the network traffic </li></ul><ul><ul><li>Separate data and voice traffic...
Skype – What Is It? <ul><li>Proprietary VOIP system for calls over the Internet </li></ul><ul><li>Free and simple to use <...
Skype Connection Details <ul><li>Listens on a random port, 80 and 443 </li></ul><ul><li>Connects to known Supernodes store...
Skype Architecture Ref: &quot;An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol“ Salman A. Baset and Henni...
Skype Call Security <ul><li>Skype claims to encrypt all voice traffic with 128-bit or better encryption </li></ul><ul><li>...
Other Skype Security Concerns <ul><li>Same developers as KaZaA, known for spyware </li></ul><ul><li>Cannot stop client bec...
Should You Use Skype? <ul><li>If you can answer yes to four questions: </li></ul><ul><ul><li>Are you willing to circumvent...
Other VoIP Issues – Commercial Caller ID Spoofing <ul><li>Multiple companies are now offering caller ID spoofing: </li></u...
Other VoIP Issues – New Attack Tools <ul><li>New tools make finding vulnerabilities easier </li></ul><ul><ul><li>SIP Bombe...
 
Good Sites For Learning More <ul><li>Some good links for learning more about VoIP </li></ul><ul><ul><li>http://www.voip-in...
Upcoming SlideShare
Loading in …5
×

VOIP 2: Is Free too Expensive?

1,025 views
952 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,025
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
32
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

VOIP 2: Is Free too Expensive?

  1. 1. VoIP 2 Is free too Expensive? by Darren Bilby and Nick von Dadelszen
  2. 2. Different Types of VoIP <ul><li>There are many different implementations of IP telephony: </li></ul><ul><ul><li>Skype </li></ul></ul><ul><ul><li>MSN </li></ul></ul><ul><ul><li>Firefly </li></ul></ul><ul><ul><li>Cisco Office </li></ul></ul><ul><ul><li>Asterix </li></ul></ul>
  3. 3. VoIP Technology <ul><li>Each type of VoIP uses different technology: </li></ul><ul><ul><li>Skype – Proprietary </li></ul></ul><ul><ul><li>MSN – SIP </li></ul></ul><ul><ul><li>Firefly – IAX </li></ul></ul><ul><ul><li>Cisco – H.323, Skinny </li></ul></ul><ul><ul><li>Asterix – SIP, IAX2 </li></ul></ul><ul><ul><li>Others – MGCP </li></ul></ul><ul><li>Most of these do not have security built-in so rely on network controls </li></ul>
  4. 4. Attacks Against VoIP <ul><li>Multiple attack avenues: </li></ul><ul><ul><li>Standard traffic capture attacks </li></ul></ul><ul><ul><li>Traffic manipulation </li></ul></ul><ul><ul><li>Dynamic configuration attacks </li></ul></ul><ul><ul><li>Phone-based vulnerabilities </li></ul></ul><ul><ul><li>Management interface attacks </li></ul></ul>
  5. 5. Consequences of Attacks <ul><li>Eavesdropping and recording phone calls </li></ul><ul><li>Active modification of phone calls </li></ul><ul><li>Call Tracking </li></ul><ul><li>Crashing phones </li></ul><ul><li>Denying phone service – Slammer? </li></ul><ul><li>VoIP Spamming </li></ul><ul><li>Free calls </li></ul><ul><li>Spoofing caller ID </li></ul>
  6. 6. Capturing VoIP Data <ul><li>Ethereal has built-in support for some VoIP protocols </li></ul><ul><li>Has the ability to capture VoIP traffic </li></ul><ul><li>Can dump some forms of VoIP traffic directly to WAV files. </li></ul><ul><li>Point and click hacking! </li></ul>
  7. 10. Audio Capture
  8. 11. VoIP Security Solutions <ul><li>You must protect the network traffic </li></ul><ul><ul><li>Separate data and voice traffic – VLANs </li></ul></ul><ul><ul><li>Ensure IPSEC or other VPN technology used over WAN links </li></ul></ul><ul><ul><li>IDS monitoring on the network – ARP inspection </li></ul></ul><ul><ul><li>Host Security </li></ul></ul><ul><ul><li>VOIP enabled firewalls </li></ul></ul><ul><ul><li>Excellent guidelines in Cisco SAFE documentation </li></ul></ul><ul><li>Or wait for more secure protocols </li></ul>
  9. 12. Skype – What Is It? <ul><li>Proprietary VOIP system for calls over the Internet </li></ul><ul><li>Free and simple to use </li></ul><ul><li>Developed by the creators of KaZaA </li></ul><ul><li>Relies on P2P technology </li></ul><ul><li>Over 29 million users worldwide </li></ul><ul><li>Allows connections to regular phones through SkypeOut </li></ul>
  10. 13. Skype Connection Details <ul><li>Listens on a random port, 80 and 443 </li></ul><ul><li>Connects to known Supernodes stored in the registry </li></ul><ul><li>Must establish connection with login server to authenticate </li></ul><ul><li>NAT and Firewall traversal </li></ul><ul><li>Any Skype client with an Internet IP address and suitable bandwith/CPU may become a Supernode </li></ul>
  11. 14. Skype Architecture Ref: &quot;An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol“ Salman A. Baset and Henning Schulzrinne
  12. 15. Skype Call Security <ul><li>Skype claims to encrypt all voice traffic with 128-bit or better encryption </li></ul><ul><li>The encryption implementation used is proprietary and closed-source </li></ul><ul><li>It is unknown whether the Skype organisation has the ability to decrypt all voice traffic </li></ul>
  13. 16. Other Skype Security Concerns <ul><li>Same developers as KaZaA, known for spyware </li></ul><ul><li>Cannot stop client becoming a Supernode </li></ul><ul><li>Client allows file transfer, even through firewalls, an access path for malicious code, information leakage </li></ul><ul><li>Login server reliance </li></ul>
  14. 17. Should You Use Skype? <ul><li>If you can answer yes to four questions: </li></ul><ul><ul><li>Are you willing to circumvent the perimeter controls of your network? </li></ul></ul><ul><ul><li>Do you trust the Skype developers to implement security correctly (being closed-source)? </li></ul></ul><ul><ul><li>Do you trust the ethics of the Skype developers? </li></ul></ul><ul><ul><li>Can you tolerate the Skype network being unavailable? </li></ul></ul>
  15. 18. Other VoIP Issues – Commercial Caller ID Spoofing <ul><li>Multiple companies are now offering caller ID spoofing: </li></ul><ul><ul><li>- CovertCall - PI Phone </li></ul></ul><ul><ul><li>- Star38 - Us Tracers </li></ul></ul><ul><ul><li>- Camophone - Telespoof </li></ul></ul><ul><li>Makes Social Engineering a lot easier </li></ul><ul><li>Many systems authenticate on CID </li></ul>
  16. 19. Other VoIP Issues – New Attack Tools <ul><li>New tools make finding vulnerabilities easier </li></ul><ul><ul><li>SIP Bomber </li></ul></ul><ul><ul><li>PROTOS Test-Suite </li></ul></ul><ul><ul><li>SiVuS </li></ul></ul>
  17. 21. Good Sites For Learning More <ul><li>Some good links for learning more about VoIP </li></ul><ul><ul><li>http://www.voip-info.org/tiki-index.php?page=voip-info.org </li></ul></ul><ul><ul><li>http://www.vopsecurity.org/index.php </li></ul></ul>

×