VoIP Threat and Security - I


Published on

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • 03/15: 96X1 added to FST; verification to be done on builds available till June 03/02: Changed PC version to 4.2 (product has gone through commit gate). Clarified/added Duplex CM Main/Survivable Template. 02/10: Incorporated suggestions for BSM and ESS-SM, added System Platform Template: Embedded Survivable Branch 02/04: Incorporated suggestions from POM Team 01/28: Incorporated suggestions from IPTCM team 01/20: Incorporated changes discussed in review meeting on 01/20 01/19: Incorporated changes discussed in review meeting on 01/18 01/17: Combined CC and CC /W ASM; incorporated suggestions from Amy and Poonam.
  • System Platform Template: Embedded Survivable Branch Release 6.0 -- EID 10651 BSM – Compas ID=139401 Add a second SM in your config and should test for application failover scenarios System Platform Template: Embedded Survivable Branch Release 6.0 – Same as BSM on S8300D _ G430? specify versions – 96XX 2.5 and 2.6. do you really test with 16XX? What’s the deal with 16CC and SM? Trunking only.?
  • VoIP Threat and Security - I

    1. 1. VoIP & UC Threat And Security - I By Mithilesh Kumar
    2. 2. VoIP & UC ?
    3. 3. What is VoIP ? <ul><li>Voice over Internet Protocol (VoIP) is a general term for a family of transmission technologies for delivery of voice communications over IP networks such as the Internet or other packet-switched networks. </li></ul>
    4. 4. What is UC ? <ul><li>Unified communications (UC) is the integration of real-time communication services such as instant messaging (chat), presence information, Telephony (including IP telephony), video conferencing, call control and speech recognition with non real-time communication services such as unified messaging (integrated voicemail, e-mail, SMS and fax). </li></ul><ul><li>UC allows an individual to send a message on one medium and receive on another </li></ul>
    5. 5. What is VoIP & UC Threat ? <ul><li>Attacking on VoIP & UC Infrastructure intentionally or unintentionally in any form is a VoIP & UC Threat. </li></ul><ul><li>Eavesdropping , Vishing, DoS/DDoS, Call tampering, Man-in-the-middle attacks, ….. </li></ul>
    6. 6. What is VoIP & UC Security ? <ul><li>Securing VoIP & UC infrastructure from all kind of Threat is VoIP & UC Security </li></ul><ul><li>Firewall, Policy Enforcement, Authentication, Encryption, Behavior Learning,…. </li></ul>
    7. 7. Threats & Security Measures
    8. 8. <ul><li>Eavesdropping: Eavesdropping is the act of secretly listening to the private conversation of others without their consent. </li></ul>Impact: Through eavesdropping, a third party can obtain names, password and phone numbers, allowing them to gain control over voicemail, calling plan, call forwarding and billing information. Solution: The primary means of protecting SIP traffic is using Transport Layer Security (TLS) and Secure RTP (SRTP). With encryption, sessions are kept private with no chance of eavesdropping. For inter-office traffic calls, using VPN are obviously secure. Reality: Not all VoIP providers use encryption since it costs money in overhead.
    9. 9. <ul><li>Vishing: The term is a combination of &quot;voice&quot; and phishing. which involves a party calling you faking a trustworthy organization (e.g. your bank) and requesting confidential and often critical information. </li></ul><ul><li>Impact: Vishing is typically used to steal credit card numbers or other information used in identity theft schemes from individuals. </li></ul><ul><ul><li>Example: </li></ul></ul><ul><ul><ul><li>The criminal configures either a war dialer to call phone numbers in a given region or accesses a legitimate voice messaging company with a list of phone numbers stolen from a financial institution. </li></ul></ul></ul><ul><ul><ul><li>When the victim answers the call, an automated recording, often generated with a text to speech synthesizer, is played to alert the consumer that their credit card has had fraudulent activity or that their bank account has had unusual activity. The message instructs the consumer to call the following phone number immediately. The same phone number is often shown in the spoofed caller ID and given the same name as the financial company they are pretending to represent. </li></ul></ul></ul><ul><ul><ul><li>When the victim calls the number, it is answered by automated instructions to enter their credit card number or bank account number on the key pad. </li></ul></ul></ul><ul><ul><ul><li>Once the consumer enters their credit card number or bank account number, the visher has the information necessary to make fraudulent use of the card or to access the account. </li></ul></ul></ul><ul><ul><ul><li>The call is often used to harvest additional details such as security PIN, expiration date, date of birth, etc. </li></ul></ul></ul><ul><li>Solution: Awareness. Awareness. Awareness. </li></ul>
    10. 10. <ul><li>DoS/DDoS: A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make resource unavailable to its intended users. In VoIP, DoS attacks can be carried out by flooding a target with unnecessary SIP call-signaling messages, thereby degrading the service. This causes calls to drop prematurely and halts call processing. </li></ul><ul><li>Impact: Once the target is denied of the service and ceases operating, the attacker can get remote control of the administrative facilities of the system. </li></ul><ul><li>Solution: To Protect from DoS/DDoS Attack, Firewall, Policy Control, Black List/ White List , … should be used. </li></ul>
    11. 11. <ul><li>Call Tempering: Call tampering is an attack which involves tampering a phone call in progress. </li></ul><ul><li>Impact: Attacker can either spoil the quality of the call or by injecting noise packets in the communication stream or inject new Audio/Video packets altogether. </li></ul><ul><ul><li>Example: </li></ul></ul><ul><ul><ul><li>Over Audio call or Conference, Attackers inject RTP noise packets. </li></ul></ul></ul><ul><ul><ul><li>Over Video call or Broadcast, Attackers inject unlawful video, Ad, etc. </li></ul></ul></ul><ul><li>Solution: Use SRTP (Secure RTP) to protect Media Tempering. </li></ul><ul><li>Reality : Not all VoIP providers use SRTP since it costs money in overhead. </li></ul>
    12. 12. <ul><li>Man-in-the middle: The man-in-the middle attack intercepts a communication between two systems. </li></ul><ul><li>Impact: The attacker intercepts call-signaling SIP message traffic and masquerades as the calling party to the called party, or vice versa. Once the attacker has gained this position, he can hijack calls via a redirection server. </li></ul><ul><li>Solution: Use TLS or Mutual TLS (MTLS/SRTP) to prevent call hijack. </li></ul>
    13. 13. Reference Links <ul><li>http://www.voipsa.org/Resources/tools.php </li></ul><ul><li>http://sipp.sourceforge.net/ </li></ul><ul><li>http://www.ietf.org/rfc/rfc4475.txt </li></ul><ul><li>https://www.ee.oulu.fi/research/ouspg/PROTOS_Test-Suite_c07-sip </li></ul>
    14. 14. <ul><li>Thank You !!! </li></ul>