• Save
VoIP Threat and  Security - I
Upcoming SlideShare
Loading in...5
×
 

VoIP Threat and Security - I

on

  • 963 views

 

Statistics

Views

Total Views
963
Views on SlideShare
949
Embed Views
14

Actions

Likes
0
Downloads
0
Comments
0

4 Embeds 14

http://www.linkedin.com 8
http://www.slideshare.net 2
http://www.lmodules.com 2
https://www.linkedin.com 2

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • 03/15: 96X1 added to FST; verification to be done on builds available till June 03/02: Changed PC version to 4.2 (product has gone through commit gate). Clarified/added Duplex CM Main/Survivable Template. 02/10: Incorporated suggestions for BSM and ESS-SM, added System Platform Template: Embedded Survivable Branch 02/04: Incorporated suggestions from POM Team 01/28: Incorporated suggestions from IPTCM team 01/20: Incorporated changes discussed in review meeting on 01/20 01/19: Incorporated changes discussed in review meeting on 01/18 01/17: Combined CC and CC /W ASM; incorporated suggestions from Amy and Poonam.
  • System Platform Template: Embedded Survivable Branch Release 6.0 -- EID 10651 BSM – Compas ID=139401 Add a second SM in your config and should test for application failover scenarios System Platform Template: Embedded Survivable Branch Release 6.0 – Same as BSM on S8300D _ G430? specify versions – 96XX 2.5 and 2.6. do you really test with 16XX? What’s the deal with 16CC and SM? Trunking only.?

VoIP Threat and  Security - I VoIP Threat and Security - I Presentation Transcript

  • VoIP & UC Threat And Security - I By Mithilesh Kumar
  • VoIP & UC ?
  • What is VoIP ?
    • Voice over Internet Protocol (VoIP) is a general term for a family of transmission technologies for delivery of voice communications over IP networks such as the Internet or other packet-switched networks.
  • What is UC ?
    • Unified communications (UC) is the integration of real-time communication services such as instant messaging (chat), presence information, Telephony (including IP telephony), video conferencing, call control and speech recognition with non real-time communication services such as unified messaging (integrated voicemail, e-mail, SMS and fax).
    • UC allows an individual to send a message on one medium and receive on another
  • What is VoIP & UC Threat ?
    • Attacking on VoIP & UC Infrastructure intentionally or unintentionally in any form is a VoIP & UC Threat.
    • Eavesdropping , Vishing, DoS/DDoS, Call tampering, Man-in-the-middle attacks, …..
  • What is VoIP & UC Security ?
    • Securing VoIP & UC infrastructure from all kind of Threat is VoIP & UC Security
    • Firewall, Policy Enforcement, Authentication, Encryption, Behavior Learning,….
  • Threats & Security Measures
    • Eavesdropping: Eavesdropping is the act of secretly listening to the private conversation of others without their consent.
    Impact: Through eavesdropping, a third party can obtain names, password and phone numbers, allowing them to gain control over voicemail, calling plan, call forwarding and billing information. Solution: The primary means of protecting SIP traffic is using Transport Layer Security (TLS) and Secure RTP (SRTP). With encryption, sessions are kept private with no chance of eavesdropping. For inter-office traffic calls, using VPN are obviously secure. Reality: Not all VoIP providers use encryption since it costs money in overhead.
    • Vishing: The term is a combination of "voice" and phishing. which involves a party calling you faking a trustworthy organization (e.g. your bank) and requesting confidential and often critical information.
    • Impact: Vishing is typically used to steal credit card numbers or other information used in identity theft schemes from individuals.
      • Example:
        • The criminal configures either a war dialer to call phone numbers in a given region or accesses a legitimate voice messaging company with a list of phone numbers stolen from a financial institution.
        • When the victim answers the call, an automated recording, often generated with a text to speech synthesizer, is played to alert the consumer that their credit card has had fraudulent activity or that their bank account has had unusual activity. The message instructs the consumer to call the following phone number immediately. The same phone number is often shown in the spoofed caller ID and given the same name as the financial company they are pretending to represent.
        • When the victim calls the number, it is answered by automated instructions to enter their credit card number or bank account number on the key pad.
        • Once the consumer enters their credit card number or bank account number, the visher has the information necessary to make fraudulent use of the card or to access the account.
        • The call is often used to harvest additional details such as security PIN, expiration date, date of birth, etc.
    • Solution: Awareness. Awareness. Awareness.
    • DoS/DDoS: A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make resource unavailable to its intended users. In VoIP, DoS attacks can be carried out by flooding a target with unnecessary SIP call-signaling messages, thereby degrading the service. This causes calls to drop prematurely and halts call processing.
    • Impact: Once the target is denied of the service and ceases operating, the attacker can get remote control of the administrative facilities of the system.
    • Solution: To Protect from DoS/DDoS Attack, Firewall, Policy Control, Black List/ White List , … should be used.
    • Call Tempering: Call tampering is an attack which involves tampering a phone call in progress.
    • Impact: Attacker can either spoil the quality of the call or by injecting noise packets in the communication stream or inject new Audio/Video packets altogether.
      • Example:
        • Over Audio call or Conference, Attackers inject RTP noise packets.
        • Over Video call or Broadcast, Attackers inject unlawful video, Ad, etc.
    • Solution: Use SRTP (Secure RTP) to protect Media Tempering.
    • Reality : Not all VoIP providers use SRTP since it costs money in overhead.
    • Man-in-the middle: The man-in-the middle attack intercepts a communication between two systems.
    • Impact: The attacker intercepts call-signaling SIP message traffic and masquerades as the calling party to the called party, or vice versa. Once the attacker has gained this position, he can hijack calls via a redirection server.
    • Solution: Use TLS or Mutual TLS (MTLS/SRTP) to prevent call hijack.
  • Reference Links
    • http://www.voipsa.org/Resources/tools.php
    • http://sipp.sourceforge.net/
    • http://www.ietf.org/rfc/rfc4475.txt
    • https://www.ee.oulu.fi/research/ouspg/PROTOS_Test-Suite_c07-sip
    • Thank You !!!