ETel2007: The Black Bag Security Review (VoIP Security)

VoIP security presentation given by Dan York of the VoIP Security Alliance (VOIPSA) at O'Reilly's Emerging Telephony 2007 conference on March 1, 2007. Slides really need to be viewed with the audio, which will be uploaded to Blue Box: The VoIP Security Podcast at http://www.blueboxpodcast.com/ soon.

  1. The Black Bag Security Review (Dan York, CISSP; Emerging Telephony 2007)
  2. The Story of SysAdmin Steve (Part 1)
  3. Once upon a time...
  4. big company
  5. smaller company
  6. promotion
  7. IT
  8. phones, too!
  9. new VoIP system
  10. net head
  11. V
  12. Voice
  13. SIP
  14. open standard
  15. Security Isn’t Possible
  16. education
  17. (diagram: IP-PBX, LAN, Internet, SIP Service Provider, PSTN)
  18. cheap
  19. merged
  20. quit
  21. ?
  22. new IT staff
  23. Juvenile Joe
  24. BOFH
  25. read e-mail
  26. monitor
  27. comment
  28. playground
  29. exploit chaos
  30. fun
  31. ultimate truism
  32. voice = packets
  33. packets = bits
  34. bits can be manipulated
  35. “VoIP security tools”
  36. tools, tools, tools
  37. voipsa.org
  38. hackingvoip.com
  39. sectools.org
  40. tools, tools, tools
  41. good
  42. evil
  43. test/defend
  44. attack
  45. perspective
  46. white hat
  47. black hat
  48. wireshark (the tool formerly known as Ethereal)
  49.  
  50. cain & abel
  51. RTP
  52. WAV
  53. MP3s
  54. iPod
  55. 2-hour commute
  56. corporate conversations
  57. personal iPod
  58. corporate conversations
  59. personal iPod
  60. (scared yet?)
  61. conversations
  62. PIN
  63. voicemail PINs
  64. banking PINs
  65. DTMF decoder
  66. (fun stuff, eh?)
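Slides 48 through 66 describe the eavesdropping attack in terms of tools: capture RTP with Wireshark or Cain & Abel, turn it into WAV, and run a DTMF decoder over it to harvest voicemail and banking PINs. As an added example that is not part of the original talk, the Python below does the two decoding steps on a captured stream: it parses RTP packets, expands G.711 mu-law audio into a WAV file, and recovers the dialed digits from RFC 4733 telephone-event packets (the way most SIP phones carry DTMF out of band). The capture is constructed inline to stand in for a sniffer dump; payload type 101 for telephone-event, the SSRC and the PIN value are assumptions, since the real payload type is negotiated in the SDP.

```python
import io
import struct
import wave

DTMF_EVENTS = "0123456789*#ABCD"   # RFC 4733 telephone-event codes 0..15
PT_PCMU = 0                         # static RTP payload type for G.711 mu-law
PT_TELEPHONE_EVENT = 101            # dynamic PT; 101 is an assumption (the real value comes from the SDP)


def parse_rtp(pkt: bytes) -> dict:
    """Parse one RTP packet: fixed header, CSRC list, optional extension and padding (RFC 3550)."""
    if len(pkt) < 12:
        raise ValueError("packet shorter than an RTP header")
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", pkt[:12])
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    off = 12 + 4 * (b0 & 0x0F)                     # skip CSRC identifiers
    if b0 & 0x10:                                  # X bit: header extension follows
        ext_words = struct.unpack("!H", pkt[off + 2:off + 4])[0]
        off += 4 + 4 * ext_words
    end = len(pkt) - pkt[-1] if b0 & 0x20 else len(pkt)   # P bit: last byte holds the pad length
    return {"pt": b1 & 0x7F, "marker": bool(b1 & 0x80), "seq": seq,
            "ts": ts, "ssrc": ssrc, "payload": pkt[off:end]}


def ulaw_to_pcm16(byte: int) -> int:
    """Expand one G.711 mu-law byte to a signed 16-bit linear sample."""
    u = ~byte & 0xFF
    t = (((u & 0x0F) << 3) + 0x84) << ((u & 0x70) >> 4)
    return 0x84 - t if u & 0x80 else t - 0x84


def extract_stream(packets):
    """Turn one direction of a captured RTP stream into (dialed digits, WAV bytes)."""
    msgs = sorted((parse_rtp(p) for p in packets), key=lambda m: m["seq"])  # reorder; ignores seq wraparound
    digits, reported, pcm = [], set(), bytearray()
    for m in msgs:
        if m["pt"] == PT_TELEPHONE_EVENT and len(m["payload"]) >= 4:
            event, flags, _duration = struct.unpack("!BBH", m["payload"][:4])
            # The end (E) bit is repeated in three packets; the event timestamp identifies one key press
            if flags & 0x80 and event < len(DTMF_EVENTS) and (m["ssrc"], m["ts"]) not in reported:
                reported.add((m["ssrc"], m["ts"]))
                digits.append(DTMF_EVENTS[event])
        elif m["pt"] == PT_PCMU:
            for b in m["payload"]:
                pcm += struct.pack("<h", ulaw_to_pcm16(b))
    buf = io.BytesIO()
    with wave.open(buf, "wb") as w:
        w.setnchannels(1)
        w.setsampwidth(2)
        w.setframerate(8000)
        w.writeframes(bytes(pcm))
    return "".join(digits), buf.getvalue()


def wav_frames(wav_bytes: bytes) -> int:
    """Number of 8 kHz samples in a WAV produced by extract_stream."""
    with wave.open(io.BytesIO(wav_bytes), "rb") as w:
        return w.getnframes()


# ---- constructed capture: a mock one-way stream standing in for a Wireshark / Cain & Abel dump ----
def build_rtp(pt, marker, seq, ts, ssrc, payload):
    return struct.pack("!BBHII", 0x80, (0x80 if marker else 0) | pt, seq, ts, ssrc) + payload


def constructed_capture(pin="2580"):
    """Speech frames (mu-law silence 0xFF) interleaved with RFC 4733 events for each PIN digit."""
    pkts, seq, ts, ssrc = [], 1000, 160000, 0xDEADBEEF   # assumed SSRC and starting counters
    for digit in pin:
        for _ in range(5):                                   # 100 ms of audio, 20 ms per packet
            pkts.append(build_rtp(PT_PCMU, False, seq, ts, ssrc, b"\xff" * 160))
            seq, ts = seq + 1, ts + 160
        event = DTMF_EVENTS.index(digit)
        for i in range(3):                                   # key held: interim reports, marker on the first
            pkts.append(build_rtp(PT_TELEPHONE_EVENT, i == 0, seq, ts, ssrc,
                                  struct.pack("!BBH", event, 10, 160 * (i + 1))))
            seq += 1
        for _ in range(3):                                   # key released: E bit set, sent three times
            pkts.append(build_rtp(PT_TELEPHONE_EVENT, False, seq, ts, ssrc,
                                  struct.pack("!BBH", event, 0x80 | 10, 480)))
            seq += 1
        ts += 480
    return pkts


if __name__ == "__main__":
    digits, wav = extract_stream(constructed_capture("2580"))
    print("DTMF digits recovered:", digits, "| audio samples:", wav_frames(wav))
```

If the phones send DTMF in-band as tones rather than as telephone events, the digits are in the audio and need a tone detector over the WAV instead; either way the point of the slides stands: on an unencrypted RTP stream the PIN is one script away, which is what SRTP is for.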
  67. Teleworker Ted
  68. envy
  69. grudge
  70. hang up Ted
  71. cell phone
  72. devious
  73. mix in new background
  74. amusement park
  75. screaming kids
  76. dog
  77. Ted’s dog
  78. endless barking
  79. no clue
  80. Process Paul
  81. new rules
  82. worked late
  83. wife
  84. female
  85. no clue
  86. ???
  87. insecure firewall
  88. family
  89. SIP softphone
  90. free long distance
  91. (toll fraud)
  92. Board conf calls
  93. revenues in the tank
  94. acquisition
  95. only hope
  96. IT outsourced
  97. job
  98. (Uh-oh)
  99. war
  100. SIP trunk
  101. unencrypted
  102. sniff CID
  103. lawyers
  104. CFO
  105. SIP Redirect
  106. random extension
  107. shipping
  108. HR
  109. labs
  110. kitchen
  111. ?
  112. acquire?
  113. @#$@?%$!
  114. SysAdmin Steve
  115. fix it
  116. DoS
  117. BYE
  118. hang up CEO
  119. set reload
  120. erase SIP registration
  121. busy
  122. packet flood
  123. degrade
  124. cell phones
  125. acquire?
  126. @#$@?%$!
  127. SysAdmin Steve
  128. fix it
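Slides 100 to 107 (caller ID sniffed off the unencrypted SIP trunk, a SIP redirect to a random extension) and 116 to 123 (a BYE to hang up the CEO, erasing the SIP registration, a packet flood) are all visible to a passive monitor on the signalling path. As an added example that is not from the talk, the Python below is a small SIP watcher: it learns dialogs from INVITEs and bindings from REGISTERs, then flags a 3xx redirect or a BYE from an address that is not a party to the call, a REGISTER with Expires: 0 or Contact: * from a host other than the one that registered, and more INVITEs per source per window than a threshold. It also records From and To of every INVITE, which is exactly the call record anyone sniffing a cleartext trunk gets for free. The addresses, extension numbers, thresholds and the attacker traffic are constructed assumptions.

```python
import re
from collections import defaultdict, deque

TAG_RE = re.compile(r";tag=[^;>\s]+")


def parse_sip(raw: str) -> dict:
    """Minimal SIP parser: start line plus headers keyed by lower-cased name (body ignored)."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    start, headers = lines[0], {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    if start.startswith("SIP/2.0 "):
        return {"method": None, "status": int(start.split()[1]), "headers": headers}
    return {"method": start.split()[0].upper(), "status": None, "headers": headers}


def is_unregister(msg: dict) -> bool:
    """REGISTER that removes bindings: Expires: 0, Contact: *, or a per-contact ;expires=0."""
    h = msg["headers"]
    contact = h.get("contact", "").replace(" ", "")
    return h.get("expires") == "0" or contact == "*" or ";expires=0" in contact


class SipWatch:
    """Passive SIP monitor: learns dialogs and registrations from the wire, flags what does not fit."""

    def __init__(self, invite_limit=5, window_s=1.0):   # thresholds are assumptions
        self.dialogs = {}                   # Call-ID -> {"caller": ip, "callee": ip}
        self.registrations = {}             # AOR (To header) -> ip that registered it
        self.invites = defaultdict(deque)   # src ip -> recent INVITE timestamps
        self.call_records = []              # (ts, Call-ID, From, To): what a trunk sniffer reads in clear
        self.invite_limit, self.window_s = invite_limit, window_s
        self.alerts = []

    def feed(self, ts, src, dst, raw):
        msg = parse_sip(raw)
        h, m = msg["headers"], msg["method"]
        call_id = h.get("call-id", "")
        if m == "INVITE":
            self.call_records.append((ts, call_id, h.get("from", ""), h.get("to", "")))
            q = self.invites[src]
            q.append(ts)
            while q and ts - q[0] > self.window_s:
                q.popleft()
            if len(q) > self.invite_limit:
                self.alerts.append(("invite_flood", src, f"{len(q)} INVITEs within {self.window_s}s"))
            self.dialogs.setdefault(call_id, {"caller": src, "callee": dst})
        elif m == "BYE":
            d = self.dialogs.get(call_id)
            if d and src not in (d["caller"], d["callee"]):
                self.alerts.append(("spoofed_bye", src, call_id))
        elif m == "REGISTER":
            aor = TAG_RE.sub("", h.get("to", ""))
            owner = self.registrations.get(aor)
            if is_unregister(msg):
                if owner is not None and owner != src:
                    self.alerts.append(("registration_erased", src, aor))
            else:
                self.registrations.setdefault(aor, src)
        elif msg["status"] is not None and 300 <= msg["status"] < 400:
            d = self.dialogs.get(call_id)
            if d and src != d["callee"]:
                self.alerts.append(("spoofed_redirect", src, h.get("contact", "")))
        return msg


def sip(start_line, **headers):
    """Build a constructed SIP message; underscores in keyword names become hyphens (Call_ID -> Call-ID)."""
    lines = [start_line] + [f"{k.replace('_', '-')}: {v}" for k, v in headers.items()]
    return "\r\n".join(lines) + "\r\n\r\n"


PBX, CEO_PHONE, JOE = "10.0.0.5", "10.0.0.21", "10.0.0.99"   # constructed addresses

TRAFFIC = [  # (time, src ip, dst ip, message) -- constructed to replay the story's attacks
    (0.0, CEO_PHONE, PBX, sip("REGISTER sip:pbx.example SIP/2.0", To="<sip:1001@pbx.example>",
                              Contact="<sip:1001@10.0.0.21>", Call_ID="reg1", Expires="3600")),
    (1.0, CEO_PHONE, PBX, sip("INVITE sip:2001@pbx.example SIP/2.0", From="<sip:1001@pbx.example>;tag=a1",
                              To="<sip:2001@pbx.example>", Call_ID="call1")),
    (1.2, JOE, CEO_PHONE, sip("SIP/2.0 302 Moved Temporarily", Call_ID="call1",
                              Contact="<sip:4711@pbx.example>")),            # redirect to a random extension
    (30.0, JOE, CEO_PHONE, sip("BYE sip:1001@10.0.0.21 SIP/2.0", Call_ID="call1")),   # hang up the CEO
    (31.0, JOE, PBX, sip("REGISTER sip:pbx.example SIP/2.0", To="<sip:1001@pbx.example>",
                         Contact="*", Call_ID="reg2", Expires="0")),          # erase the registration
] + [(40.0 + i * 0.1, JOE, PBX, sip(f"INVITE sip:{3000 + i}@pbx.example SIP/2.0",
                                  Call_ID=f"flood{i}")) for i in range(8)]   # INVITE flood


def run(traffic=TRAFFIC, **kwargs):
    watch = SipWatch(**kwargs)
    for ts, src, dst, raw in traffic:
        watch.feed(ts, src, dst, raw)
    return watch


if __name__ == "__main__":
    for kind, src, detail in run().alerts:
        print(f"{kind:20s} from {src}: {detail}")
```

The checks key on source IP, which over UDP can itself be forged, so this belongs in the IDS/IPS and monitoring layer of the defense-in-depth list rather than replacing TLS on the signalling and SRTP on the media: with TLS-protected signalling an off-path attacker cannot inject the 302 or the BYE into the connection at all, and authenticated REGISTER stops a third party from erasing someone else's binding.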
  129. 3 strikes
  130. investigation
  131. truth
  132. discovered
  133. heart attack
  134. SIP trunk
  135. unencrypted
  136. corporate conversations
  137. public Internet
  138. clear
  139. call records
  140. public Internet
  141. cleartext
  142. (not good)
  143. plan
  144. Fire Joe!
  145. defense in depth
  146. layers
  147. encryption
  148. voice
  149. call control
  150. LAN
  151. SIP trunk
  152. clueless
  153. new provider
  154. call accounting
  155. IP network
  156. VLANs
  157. IDS/IPS
  158. monitoring
  159. rate throttling
  160. secure perimeter
  161. firewall traversal
  162. firmware
  163. o/s patches
  164. disable services
  165. die, default passwords, die, die, die
  166. layers
  167. secure VoIP
  168. caveat
  169. internal
  170. disgruntled
  171. x%?
  172. compromised servers
  173. spyware
  174. unsecured WiFi
  175. (checked your parking lot lately?)
  176. offline analysis
  177. SIP trunk
  178. $$$
  179. security
  180. (differentiator?)
  181. Botnet Bob
  182. zombies
  183. fun
  184. profit
  185. Criminal Chris
  186. espionage
  187. identity theft
  188. human replay attack
  189. Spammer Sue
  190. SPIT
  191. 1,000s of calls
  192. “significant event”
  193. Congressman
  194. mistress
  195. public official
  196. porn line
  197. identity theft
  198. 13-yr-old
  199. podcast
  200. Wall Street Journal
  201. “VOIP IS INSECURE!”
  202. moral
  203. VoIP *can* be secure
  204. work
  205. plan
  206. questions
  207. education
  208. good news
  209. voipsa.org
  210. VOIPSA Threat Taxonomy
  211. VOIPSA Best Practices
  212. VOIPSEC mailing list
  213. blueboxpodcast.com
  214.  
  215. (if you’re not reading them, be aware the attackers ARE!)
  216. defense in depth
  217. layers and layers
  218. voice
  219. call control
  220. SIP trunks
  221. management interfaces / APIs
  222. PSTN interfaces
  223. PSTN
  224. voip = IP + PSTN
  225. it’s the network, stupid
  226. IP network
  227. voice = packets
  228. packets = bits
  229. bits can be manipulated
  230. VoIP *can* be secure
  231. work
  232. plan
  233. SysAdmin Steve?
  234. happily ever after?
  235. acquisition?
  236. job?
  237. CIO?
  238. another story
  239. To be continued...
  240. The End (or is it the beginning?)
  241. Please practice safe VoIP!
  242. Q&eh? www.voipsa.org, www.voipsa.org/blog, www.blueboxpodcast.com, www.disruptivetelephony.com, www.mitel.com
  243. Thank you (Please practice safe VoIP!)
