PowerPoint Presentations


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

PowerPoint Presentations

  1. 1. Telecommunications Security Chapter Ten Prepared by: Raval, Fichadia Raval • Fichadia John Wiley & Sons, Inc. 2007
  2. 2. Chapter Ten Objectives <ul><li>Learn the basic concepts of telecommunications (PSTN, PBX, VoIP) and associated terminology. </li></ul><ul><li>Understand the risks that impact telecommunications and the controls to mitigate them. </li></ul><ul><li>Gain the skills to assess the security posture of a telecommunications infrastructure and make management recommendations. </li></ul><ul><li>Apply security principles and best practices to a telecommunications infrastructure. </li></ul>
  3. 3. The Big Picture Elements of the telecommunications infrastructure. Some risks that impact the infrastructure.
  4. 4. Telecommunication primer <ul><li>Telecommunication: telephone-based communication across different parties using either PSTN or VoIP technologies. </li></ul><ul><li>Traditional telephone communication occurs via the Public Switched Telephone Network (PSTN). </li></ul><ul><li>PSTN involves transmitting analog voice signals over copper wires to a local station where it is digitized and sent on a dedicated network to its destination end node. </li></ul><ul><li>VoIP is newer technology that involves the digitized voice via small packets over shared network. </li></ul><ul><li>Vendors that provide PSTN includes AT&T, Qwest. VoIP providers include companies like Vonage. </li></ul>
  5. 5. Telecommunication primer <ul><li>Telecommunication: PSTN components include the following: </li></ul><ul><li>End nodes are your basic telephones (for people), modems (for computers), telephony cards (for AVRs). </li></ul><ul><li>Phone switches are equipment where a dedicated channel between various callers and receivers is established. </li></ul><ul><li>Transmission media typically includes copper wire between end nodes and local phone switch and digital/fiber connections between various switches. </li></ul><ul><li>Signaling system that provides call control (connecting / disconnecting callers, determining best route etc.) </li></ul>
  6. 6. Telecommunication primer <ul><li>Telecommunication: Need for phone switches </li></ul><ul><li>Connecting phones to every other phone is untenable. For e.g., 10,000 phones need ~50M connections (n*(n-1)/2). </li></ul><ul><li>Phone switches solve this problem by acting as a central hub which connects to all phones. 10,000 phones need 10,000 connections (n). </li></ul>
  7. 7. Telecommunication primer <ul><li>Telecommunication: Function of phone switches </li></ul><ul><li>Phone switches act as a broker by opening a dedicated circuit when a caller request for it. </li></ul><ul><li>Number of circuits are determined by Earlang equations. </li></ul><ul><li>Different categories of phone switches: </li></ul><ul><ul><li>Private Branch Exchange (PBX): is a privately owned switch </li></ul></ul><ul><ul><li>Central Office (CO) is a phone company owned switch that interfaces with end users phones. </li></ul></ul><ul><ul><li>Tandem switches: large scale switches that interface to various COs and other tandem switches. </li></ul></ul>
  8. 8. Telecommunication primer <ul><li>Telecommunication: Hierarchy of phone switches </li></ul><ul><li>Phones connect to CO switch via local loop. </li></ul><ul><li>CO switch connects to tandem switch via trunk lines. </li></ul><ul><li>Tandem switches connect to each other. </li></ul>
  9. 9. Telecommunication primer <ul><li>Telecommunication: Transmission media allow a path for user-to-network and network-to-network communication. </li></ul><ul><li>User-to-network communication, from home phone to CO, typically occurs over copper wires in an analog format. </li></ul><ul><li>Dual-Tone Multiple Frequency (DTMF) is used to signal CO for a communication channel. </li></ul>
  10. 10. Telecommunication primer <ul><li>Telecommunication: Transmission media allow a path for user-to-network and network-to-network communication. </li></ul><ul><li>Network-to-network communication, from switch to switch, typically occurs over fiber in a digital format. </li></ul><ul><li>Analog signals are digitized via pulse-code modulation (PCM), combined via time-division multiplexing (TDM) and sent over PSTN. </li></ul>
  11. 11. Telecommunication primer <ul><li>Telecommunication: Transmission media allow a path for user-to-network and network-to-network communication. </li></ul><ul><li>Over the PSTN tandem switches carry the signal over the network to the destination CO for delivery to the end node. </li></ul>
  12. 12. Telecommunication primer <ul><li>Telecommunication: Signaling system is needed to build a route among switches and to provide call control. </li></ul><ul><li>Before a call is sent over the PSTN, a dedicated path (circuit) has to be setup. </li></ul><ul><li>Messages to setup a circuit, tear it down, provide busy tones, etc. need to be passed back and forth (call control). </li></ul><ul><li>This signaling is accomplished via an out-of-band network called common channel signal (CCS) network. </li></ul><ul><li>SS7 is the current implementation of CCS network. </li></ul>
  13. 13. Telecommunication primer <ul><li>Telecommunication: Signaling system is needed to build a route among switches and to provide call control. </li></ul><ul><li>SS7 is a packet switched shared network for signaling (PSTN is a circuit switched dedicated network for transmission of voice signals). </li></ul>
  14. 14. Telecommunication primer <ul><li>Telecommunication: VoIP components include the following: </li></ul><ul><li>End nodes are VoIP-enabled telephones. They could be like regular phones (hardphones) or be softphones. </li></ul><ul><li>Call processors – also known as softswitches – that setup calls, translate phone numbers into IP addresses, do signaling, authorize users, etc. </li></ul><ul><li>Media processors that broker transmissions between VoIP and PSTN networks. </li></ul><ul><li>Signaling gateways that mediate between signaling on VoIP networks and signaling on PSTN networks. </li></ul>
  15. 15. Telecommunication primer <ul><li>Telecommunication: VoIP networks currently coexist with PSTN networks. </li></ul><ul><li>Media processors and signaling gateways bridge the gap between PSTN and VoIP networks. </li></ul>
  16. 16. Telecommunication primer <ul><li>Telecommunication: Advantages of VoIP includes: </li></ul><ul><li>Data networks can be reused for voice traffic (convergence). </li></ul><ul><li>Enhanced features and functionality compared to PSTN. </li></ul><ul><li>Cheaper calls than PSTN networks. Cost doesn’t vary as much by time-of-day or distance. </li></ul><ul><li>VoIP allows for location independence – calls follow you. </li></ul><ul><li>Allows for efficient use of bandwidth – silence doesn’t consume any bandwidth. </li></ul><ul><li>However , quality for VoIP calls still has to catch up with PSTN calls. </li></ul>
  17. 17. Telecommunication primer <ul><li>Telecommunication: Comparison of VoIP vs PSTN: </li></ul>
  18. 18. Management concerns <ul><li>Concerns about telecommunications system security typically include the following: </li></ul><ul><li>Maximizing the communication infrastructure availability for employees and customers. </li></ul><ul><li>Ensuring the integrity of communications infrastructure. </li></ul><ul><li>Keeping up with existing and upcoming telecom scams, toll frauds, social engineering attacks and implementing mitigating controls. </li></ul><ul><li>Having an effective backup, recovery, business resumption and a disaster recovery plan. </li></ul>
  19. 19. Risks and controls <ul><li>Remote Access : Feature of PBX that allows long-distance calls to remote users. </li></ul><ul><li>Also known as Direct Inward System Access (DISA). </li></ul><ul><li>Employees on the road call a toll-free number paid by the company. </li></ul><ul><li>The PBX prompts for a passcode and gives a dial tone to make a long-distance call at company’s expense. </li></ul>
  20. 20. Risks and controls <ul><li>Remote access risks : </li></ul><ul><li>Phreakers war-dial/dumpster dive/social engineer to identify remote access numbers & crack the passcodes leading to toll-fraud. </li></ul><ul><li>Controls : </li></ul><ul><li>Disable DISA if not reqd. Else, use strong passcodes. </li></ul><ul><li>Don’t make 800 #s readily available. </li></ul><ul><li>Disable dial tones on DISA ports to foil war-dialers. </li></ul><ul><li>Limit places to which long distance calls can be made. </li></ul><ul><li>Analyze the logs to identify toll-fraud. </li></ul>
  21. 21. Risks and controls <ul><li>Maintenance ports : Feature of PBX that allows support personnel to administer various features remotely. </li></ul><ul><li>Also known as Remote Administration. </li></ul><ul><li>Support personnel and vendors call into the PBX and can administer various PBX features. </li></ul><ul><li>The PBX prompts for a passcode before allowing access. </li></ul>
  22. 22. Risks and controls <ul><li>Remote access risks : </li></ul><ul><li>Phreakers war-dial/dumpster dive/social engineer to identify maintenance port numbers & crack the passcodes leading to toll-fraud, silent monitoring, call rerouting and deny service. </li></ul><ul><li>Controls : </li></ul><ul><li>Disable maintenance ports if not reqd. Else, use strong passcodes or stronger authentication means. </li></ul><ul><li>Enable intruder lockouts. </li></ul><ul><li>Disable dial tones on DISA ports to foil war-dialers. </li></ul><ul><li>Analyze the logs to identify intrusion attempts. </li></ul>
  23. 23. Risks and controls <ul><li>Silent monitoring : Feature of PBX that allows a user to listen in on other’s conversations. </li></ul><ul><li>Businesses often have a need to silently listen, record, and/or store conversations among users. </li></ul><ul><li>Supervisors listen in on conversations to ensure customer service in a call center/telemarketing type environment. </li></ul><ul><li>Sometimes calls are recorded and/or stored for liability or compliance reasons (e.g. air traffic controller). </li></ul>
  24. 24. Risks and controls <ul><li>Silent monitoring risks : </li></ul><ul><li>Legal ramifications can arise if calls are monitored without reviewing applicable law. Laws vary by state. </li></ul><ul><li>Unauthorized monitoring could occur if administrators aren’t diligent. </li></ul><ul><li>Controls : </li></ul><ul><li>Procure legal consultation before enabling the feature. </li></ul><ul><li>Inform callers and employees about the monitoring/ recording practice. Obtain consent forms from latter. </li></ul><ul><li>Periodically review the business need for users with the privileges to monitor. </li></ul>
  25. 25. Risks and controls <ul><li>Telecom scams : Several scams usually aimed at toll-fraud, are prevalent within telecom industry. </li></ul><ul><li>Shoulder surfing attack includes attackers filming use of calling cards by callers. </li></ul><ul><li>Pager/beeper/fax-back scam aims at tricking people calling into expensive toll-numbers. </li></ul><ul><li>Operator deceit is a social engineering attempt wherein callers fool company employees to transfer them the operator and asking the operator to make a long-distance call on behalf of the employee. </li></ul><ul><li>Employees can misuse call-forwarding feature by forwarding calls to their home numbers and having their friends call the company toll-free number reach them. </li></ul>
  26. 26. Risks and controls <ul><li>Telecom scam risks : </li></ul><ul><li>Toll-fraud . </li></ul><ul><li>Controls : </li></ul><ul><li>Educate users about these scams and implement technical controls where possible. </li></ul><ul><li>Restrict places to where calls can be made. </li></ul><ul><li>Log long-distance activity and analyze logs for abuse. </li></ul><ul><li>Limit the call forwarding feature. </li></ul>
  27. 27. Risks and controls <ul><li>Voicemail & conferencing systems : Allows for exchanging message exchanges & conducting conference calls. </li></ul><ul><li>Often sensitive information is exchanged via voicemails and/or discussed on conference calls. </li></ul><ul><li>Security on these systems is often ignored. Passcodes are almost never changed. Recurring conf calls typically have the same passcodes. </li></ul><ul><li>Sometimes these systems allow for zero-out options where the caller can reach an operator – leading to an operator deceit scenario. </li></ul><ul><li>“ Yes-Yes” scam with mailboxes can lead to third-party billing abuse. </li></ul>
  28. 28. Risks and controls <ul><li>Voicemail & conferencing systems risks : </li></ul><ul><li>Poor passcodes can lead disclose sensitive information. </li></ul><ul><li>Toll-fraud . </li></ul><ul><li>Controls : </li></ul><ul><li>Ensure strong password & password management. </li></ul><ul><li>Educate users and operators about scams. </li></ul><ul><li>Disable zero-out and third-party billing options. </li></ul><ul><li>Delete unused mailboxes. </li></ul>
  29. 29. Risks and controls <ul><li>VoIP : Technology that involves transmission of digitized voice packets over a shared packet-switched network. </li></ul><ul><li>VoIP transmissions are no different that data network transmissions. Hence it suffers from same security issues (see Network security chapter). </li></ul><ul><li>VoIP devices are less proprietary in nature (than PSTN devices) and communicate via standard TCP/IP protocols. Hence it is more prone to attacks. </li></ul><ul><li>A compromise of data network impacts both computer and telephone traffic. </li></ul><ul><li>A compromise of user’s computer could easily impact voice traffic (softphones, web-based voicemail etc.). </li></ul>
  30. 30. Risks and controls <ul><li>VoIP risks : </li></ul><ul><li>Sniffing attacks could capture transmissions. </li></ul><ul><li>Calls could be hijacked. </li></ul><ul><li>DoS attack could disable voice communications. </li></ul><ul><li>Controls : </li></ul><ul><li>Encrypt all VoIP traffic to mitigate sniff risk. </li></ul><ul><li>Use Virtual LANs to logically segregate VoIP traffic from the rest of the traffic. </li></ul><ul><li>Secure operating systems for PCs and VoIP devices. </li></ul><ul><li>Secure networks via firewalls and Intrusion Detection Systems. </li></ul>
  31. 31. Assurance considerations <ul><li>An audit to assess telecommunication security should include the following: </li></ul><ul><li>Evaluate the physical security of telecommunications equipment. </li></ul><ul><li>Assess the security pass-through/zero-out features available via the PBX, voicemail systems, and conferencing systems. </li></ul><ul><li>Review end user education programs to warn them of various telecommunication scams and social engineering attacks. </li></ul><ul><li>Ensure that the DISA and maintenance ports are secured against attacks. </li></ul>
  32. 32. Assurance considerations <ul><li>Review the security all servers that allow for VoIP communications (operating system audit). </li></ul><ul><li>Review the security of the network that carries VoIP traffic (network security audit). </li></ul><ul><li>Ensure that functional plans for backup and recovery, business resumption, disaster recovery are in place. </li></ul>
  33. 33. Recap