SIP Trunking & Security  in an Enterprise Network
Upcoming SlideShare
Loading in...5
×
 

SIP Trunking & Security in an Enterprise Network

on

  • 11,203 views

How secure are your VoIP systems as you deploy SIP-based systems in an enterprise environment? In this slide deck presented by VOIPSA Best Practices Chair Dan York at the Ingate SIP Trunking Seminars ...

How secure are your VoIP systems as you deploy SIP-based systems in an enterprise environment? In this slide deck presented by VOIPSA Best Practices Chair Dan York at the Ingate SIP Trunking Seminars at ITEXPO September 17, 2008, Dan York walks through the security issues related to VoIP (with a focus on SIP trunking), the tools out there to attack/test VoIP systems, best practices and resources. (An audio recording of this session was made and will be available.)

Statistics

Views

Total Views
11,203
Views on SlideShare
10,738
Embed Views
465

Actions

Likes
8
Downloads
407
Comments
1

9 Embeds 465

http://voipsa.org 260
http://www.disruptivetelephony.com 111
http://www.techgig.com 55
http://www.slideshare.net 18
http://www.realtime-unifiedcommunications.com 16
http://translate.googleusercontent.com 2
http://static.slideshare.net 1
http://10.150.200.57 1
http://www.m.techgig.com 1
More...

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
  • excellent
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

SIP Trunking & Security  in an Enterprise Network SIP Trunking & Security in an Enterprise Network Presentation Transcript

  • SIP Trunking & Security in an Enterprise Network Dan York, CISSP VOIPSA Best Practices Chair September 17, 2008
  • © 2008 VOIPSA and Owners as Marked
  • Privacy Availability Compliance Confidence Mobility Cost Avoidance Business Continuity © 2008 VOIPSA and Owners as Marked
  • © 2008 VOIPSA and Owners as Marked
  • © 2008 VOIPSA and Owners as Marked
  • © 2008 VOIPSA and Owners as Marked
  • © 2008 VOIPSA and Owners as Marked
  • TDM security is relatively simple... PSTN Gateways TDM Switch Physical Voicemail Wiring © 2008 VOIPSA and Owners as Marked
  • VoIP security is more complex Operating Desktop PSTN E-mail Systems PCs Gateways Systems Network Web Firewalls Switches Servers Standards Voice over PDAs Wireless Instant IP Devices Messaging Directories Internet Databases Physical Voicemail Wiring © 2008 VOIPSA and Owners as Marked
  • VoIP can be more secure than the PSTN if it is properly deployed. © 2008 VOIPSA and Owners as Marked
  • VoIP Security Concerns
  • Security concerns in telephony are not new… Image courtesy of the Computer History Museum © 2008 VOIPSA and Owners as Marked
  • Nor are our attempts to protect against threats… Image courtesy of Mike Sandman – http://www.sandman.com/ © 2008 VOIPSA and Owners as Marked
  • Security Aspects of IP Telephony Media / Voice Manage TCP/IP Call ment Network Control PSTN Policy © 2008 VOIPSA and Owners as Marked
  • Media Eavesdropping Degraded Voice Quality Encryption Virtual LANs (VLANs) Packet Filtering © 2008 VOIPSA and Owners as Marked
  • Signaling Denial of Service Impersonation Toll Fraud Encryption Encrypted Phone Software Proper Programming © 2008 VOIPSA and Owners as Marked
  • Management Web Interfaces APIs! Phones! Encryption Change Default Passwords! Patches? We don’t need... © 2008 VOIPSA and Owners as Marked
  • PSTN © 2008 VOIPSA and Owners as Marked
  • Geography © 2008 VOIPSA and Owners as Marked
  • Internet LAN © 2008 VOIPSA and Owners as Marked
  • SIP Trunking
  • The Challenge of SIP Trunking PSTN SIP Service Provider Internet IP-PBX LAN © 2008 VOIPSA and Owners as Marked
  • SIP Trunking PSTN SIP Service Provider Carrier Network IP-PBX LAN © 2008 VOIPSA and Owners as Marked
  • The Challenge of SIP Trunking PSTN SIP Service Provider Internet IP-PBX LAN © 2008 VOIPSA and Owners as Marked
  • SIP Trunking - Business Continuity PSTN SIP Service Provider SIP Service Internet Provider IP-PBX LAN © 2008 VOIPSA and Owners as Marked
  • SIP Trunking - Business Continuity PSTN SIP Service Provider SIP Service Internet Provider IP-PBX SIP Service LAN Provider © 2008 VOIPSA and Owners as Marked
  • Cloud Computing
  • Geography © 2008 VOIPSA and Owners as Marked
  • Moving Voice Applications into “the Cloud” Application Platform Internet / WAN IP-PBX LAN PSTN © 2008 VOIPSA and Owners as Marked
  • Moving Telephony into “the Cloud” Hosted “IP-PBX” Internet / WAN Firewall LAN PSTN © 2008 VOIPSA and Owners as Marked
  • Can you trust “the Cloud” to be there? © 2008 VOIPSA and Owners as Marked
  • Questions for SIP Trunk Providers or Cloud Computing Platforms? • What kind of availability guarantees / Service Level Agreements (SLAs) does the platform vendor provide? • What kind of geographic redundancy is built into the underlying network? • What kind of network redundancy is built into the underlying network? • What kind of physical redundancy is built into the data centers? • What kind of monitoring does the vendor perform? • What kind of scalability is in the cloud computing platform? • What kind of security, both network and physical, is part of the computing platform? • Finally, what will the vendor do if there is downtime? Will the downtime be reflected in your bill? © 2008 VOIPSA and Owners as Marked
  • Spam / SPIT
  • What about SPIT? (“SPam over Internet Telephony”) • What does a traditional telemarketer need? • Makes for great headlines, but not yet a significant threat • Fear is script/tool that: – Iterates through calling SIP addresses: • 111@sip.company.com, 112@sip.company.com, … • Opens an audio stream if call is answered (by person or voicemail) – Steals VoIP credentials and uses account to make calls • Reality is that today such direct connections are generally not allowed • This will change as companies make greater use of SIP trunking and/or directly connect IP-PBX systems to the Internet (and allow incoming calls SPAM from any other IP endpoint) • Until that time, PSTN is de facto firewall © 2008 VOIPSA and Owners as Marked
  • Resources
  • What is the Industry Doing to Help? Security Vendors VoIP Vendors “The Sky Is Falling!” “Don’t Worry, Trust Us!” (Buy our products!) (Buy our products!) © 2008 VOIPSA and Owners as Marked
  • Voice Over IP Security Alliance (VOIPSA) • www.voipsa.org – 100 members from VoIP and security industries • VOIPSEC mailing list – www.voipsa.org/VOIPSEC/ • “Voice of VOIPSA” Blog – www.voipsa.org/blog • Blue Box: The VoIP Security Podcast – www.blueboxpodcast.com • VoIP Security Threat Taxonomy • Best Practices Project underway now Security Research Market and Social Classification Best Practices Outreach Objectives and Taxonomy of for VoIP Communication Constraints Security Threats Security of Findings Security System Testing LEGEND Published Active Now Ongoing © 2008 VOIPSA and Owners as Marked
  • www.voipsa.org/Resources/tools.php © 2008 VOIPSA and Owners as Marked
  • © 2008 VOIPSA and Owners as Marked
  • Tools, tools, tools... • UDP Flooder • Asteroid • IAX Flooder • enumIAX • IAX Enumerator • iWar • ohrwurm RTP Fuzzer • StegRTP • RTP Flooder • VoiPong • INVITE Flooder • Web Interface for SIP Trace • AuthTool • SIPScan • BYE Teardown • SIPCrack • Redirect Poison • SiVuS • Registration Hijacker • SIPVicious Tool Suite • Registration Eraser • SIPBomber • RTP InsertSound • SIPsak • RTP MixSound • SIP bot • SPITTER © 2008 VOIPSA and Owners as Marked
  • Security Links • VoIP Security Alliance - http://www.voipsa.org/ – Threat Taxonomy - http://www.voipsa.org/Activities/taxonomy.php – VOIPSEC email list - http://www.voipsa.org/VOIPSEC/ – Weblog - http://www.voipsa.org/blog/ – Security Tools list - http://www.voipsa.org/Resources/tools.php – Blue Box: The VoIP Security Podcast - http://www.blueboxpodcast.com • NIST SP800-58, “Security Considerations for VoIP Systems” – http://csrc.nist.gov/publications/nistpubs/800-58/SP800-58-final.pdf • Network Security Tools – http://sectools.org/ • Hacking Exposed VoIP site and tools – http://www.hackingvoip.com/ © 2008 VOIPSA and Owners as Marked
  • VoIP can be more secure than the PSTN if it is properly deployed. © 2008 VOIPSA and Owners as Marked
  • Q&eh? www.voipsa.org Dan York - dyork@voxeo.com