SlideShare a Scribd company logo

Black Bag VoIP Security Review Emerging Telephony 2007

Dan York
Dan York

This document tells the story of SysAdmin Steve and his experiences securing a company's new VoIP phone system. It describes many potential security issues like unencrypted SIP trunks allowing sensitive calls and data to be intercepted. It emphasizes that while VoIP security can be challenging, applying defense-in-depth principles like encryption, firewalls, monitoring and secure configurations can help mitigate risks. The story suggests Steve works to educate colleagues and properly secure the system, but leaves his future at the company uncertain.

TechnologyBusiness
1 of 243
The Black Bag Security Review Dan York, CISSP Emerging Telephony 2007
The Story of SysAdmin Steve ,[object Object]
Once upon a time...
big company
smaller company
promotion
IT
phones, too!
new VoIP system
net head
V
Voice
SIP
open standard
Security Isn’t Possible
education
IP-PBX SIP Service Provider LAN Internet PSTN
cheap
merged
quit
?
new IT staff
Juvenile Joe
BOFH
read e-mail
monitor
comment
playground
exploit chaos
fun
ultimate truism
voice = packets
packets = bits
bits can be manipulated
“ VoIP security tools”
tools, tools, tools
voipsa.org
hackingvoip.com
sectools.org
tools, tools, tools
good
evil
test/defend
attack
perspective
white hat
black hat
wireshark ,[object Object]
 
cain & abel
RTP
WAV
MP3s
iPod
2-hour commute
corporate conversations
personal iPod
corporate conversations
personal iPod
(scared yet?)
conversations
PIN
voicemail PINs
banking PINs
DTMF decoder
(fun stuff, eh?)
Teleworker Ted
envy
grudge
hang up Ted
cell phone
devious
mix in new background
amusement park
screaming kids
dog
Ted’s dog
endless barking
no clue
Process Paul
new rules
worked late
wife
female
no clue
???
insecure firewall
family
SIP softphone
free long distance
(toll fraud)
Board conf calls
revenues in the tank
acquisition
only hope
IT outsourced
job
(Uh-oh)
war
SIP trunk
unencrypted
sniff CID
lawyers
CFO
SIP Redirect
random extension
shipping
HR
labs
kitchen
?
acquire?
@#$@?%$!
SysAdmin Steve
fix it
DoS
BYE
hang up CEO
set reload
erase SIP registration
busy
packet flood
degrade
cell phones
acquire?
@#$@?%$!
SysAdmin Steve
fix it
3 strikes
investigation
truth
discovered
heart attack
SIP trunk
unencrypted
corporate conversations
public Internet
clear
call records
public Internet
cleartext
(not good)
plan
Fire Joe!
defense in depth
layers
encryption
voice
call control
LAN
SIP trunk
clueless
new provider
call accounting
IP network
VLANs
IDS/IPS
monitoring
rate throttling
secure perimeter
firewall traversal
firmware
o/s patches
disable services
die, default passwords, die, die, die
layers
secure VoIP
caveat
internal
disgruntled
x%?
compromised servers
spyware
unsecured WiFi
(checked your parking lot lately?)
offline analysis
SIP trunk
$$$
security
(differentiator?)
Botnet Bob
zombies
fun
profit
Criminal Chris
espionage
identity theft
human replay attack
Spammer Sue
SPIT
1,000s of calls
“ significant event”
Congressman
mistress
public official
porn line
identity theft
13-yr-old
podcast
Wall Street Journal
“ VOIP IS INSECURE!”
moral
VoIP *can* be secure
work
plan
questions
education
good news
voipsa.org
VOIPSA Threat Taxonomy
VOIPSA Best Practices
VOIPSEC mailing list
blueboxpodcast.com
 
(if you’re not reading them, be aware the attackers ARE!)
defense in depth
layers and layers
voice
call control
SIP trunks
management interfaces / APIs
PSTN interfaces
PSTN
voip = IP + PSTN
it’s the network, stupid
IP network
voice = packets
packets = bits
bits can be manipulated
VoIP *can* be secure
work
plan
SysAdmin Steve?
happily ever after?
acquisition?
job?
CIO?
another story
To be continued...
The End ,[object Object]
Please practice safe VoIP!
Q&eh? ,[object Object]
Thank you ,[object Object]

Recommended

identity theft
identity theftidentity theft
identity theftHARICHANDRA MANDREKAR
 
Facebook Password Sniper
Facebook Password SniperFacebook Password Sniper
Facebook Password Sniperhellishyard9256
 
Qué es relata ( antes renata)
Qué es relata ( antes renata)Qué es relata ( antes renata)
Qué es relata ( antes renata)María Eugenia Gallo Arbeláez
 
Indital SS catalog
Indital SS catalogIndital SS catalog
Indital SS catalogPeggy Ciley
 
Biophoton.doc [modo de compatibilidad]
Biophoton.doc [modo de compatibilidad]Biophoton.doc [modo de compatibilidad]
Biophoton.doc [modo de compatibilidad]Xavi Gasset
 
Ceny a obsah dodávateľského prieskumu
Ceny a obsah dodávateľského prieskumuCeny a obsah dodávateľského prieskumu
Ceny a obsah dodávateľského prieskumuemtek
 
Promoción de lectura
Promoción de lecturaPromoción de lectura
Promoción de lecturalidamhm
 
2016 feb-04
2016 feb-042016 feb-04
2016 feb-04Andrés Alberto Chaves Gutierrez
 

Recommended

identity theft
identity theftidentity theft
identity theftHARICHANDRA MANDREKAR
 
Facebook Password Sniper
Facebook Password SniperFacebook Password Sniper
Facebook Password Sniperhellishyard9256
 
Qué es relata ( antes renata)
Qué es relata ( antes renata)Qué es relata ( antes renata)
Qué es relata ( antes renata)María Eugenia Gallo Arbeláez
 
Indital SS catalog
Indital SS catalogIndital SS catalog
Indital SS catalogPeggy Ciley
 
Biophoton.doc [modo de compatibilidad]
Biophoton.doc [modo de compatibilidad]Biophoton.doc [modo de compatibilidad]
Biophoton.doc [modo de compatibilidad]Xavi Gasset
 
Ceny a obsah dodávateľského prieskumu
Ceny a obsah dodávateľského prieskumuCeny a obsah dodávateľského prieskumu
Ceny a obsah dodávateľského prieskumuemtek
 
Promoción de lectura
Promoción de lecturaPromoción de lectura
Promoción de lecturalidamhm
 
2016 feb-04
2016 feb-042016 feb-04
2016 feb-04Andrés Alberto Chaves Gutierrez
 
Historia infor iri
Historia infor iriHistoria infor iri
Historia infor iriFabrica de Cimento do Cuanza Sul
 
Programa. Foro para la igualdad 2014 - octubre
Programa. Foro para la igualdad 2014 - octubrePrograma. Foro para la igualdad 2014 - octubre
Programa. Foro para la igualdad 2014 - octubreIrekia - EJGV
 
Open source enterprise search and retrieval platform
Open source enterprise search and retrieval platformOpen source enterprise search and retrieval platform
Open source enterprise search and retrieval platformmteutelink
 
Oscar david toro
Oscar david toroOscar david toro
Oscar david toroCamiilo Toro
 
Rafael Carranza: La Batalla de Yungay. 1939.
Rafael Carranza: La Batalla de Yungay. 1939.Rafael Carranza: La Batalla de Yungay. 1939.
Rafael Carranza: La Batalla de Yungay. 1939.Jhonny Antelo Films
 
54. Euskal Soziometroa -Bakea eta Bizikidetza / Sociometro Vasco 54 -Paz y Co...
54. Euskal Soziometroa -Bakea eta Bizikidetza / Sociometro Vasco 54 -Paz y Co...54. Euskal Soziometroa -Bakea eta Bizikidetza / Sociometro Vasco 54 -Paz y Co...
54. Euskal Soziometroa -Bakea eta Bizikidetza / Sociometro Vasco 54 -Paz y Co...Irekia - EJGV
 
Precios reducidos
Precios reducidos Precios reducidos
Precios reducidos Estrella López Aguilar
 
Edisi nasional1710
Edisi nasional1710Edisi nasional1710
Edisi nasional1710epaperwol
 
Quién da mas
Quién da masQuién da mas
Quién da masLola Perez Oviedo
 
Sommerbuchtipps Ihrer Buchhandlung - Nordbuch Marketing
Sommerbuchtipps Ihrer Buchhandlung - Nordbuch MarketingSommerbuchtipps Ihrer Buchhandlung - Nordbuch Marketing
Sommerbuchtipps Ihrer Buchhandlung - Nordbuch MarketingNordbuch-Marketing
 
Guidebook+for+erasmus.doc
Guidebook+for+erasmus.docGuidebook+for+erasmus.doc
Guidebook+for+erasmus.docL. Delgado
 
Sobre el planeta del principito
Sobre el planeta del principitoSobre el planeta del principito
Sobre el planeta del principitoCRA LUMPIAQUE
 
fiesta del albariño maria sofia sp
fiesta del albariño maria sofia spfiesta del albariño maria sofia sp
fiesta del albariño maria sofia spPatricia Conde
 
HorizonsVol20Iss1_Online_spreads
HorizonsVol20Iss1_Online_spreadsHorizonsVol20Iss1_Online_spreads
HorizonsVol20Iss1_Online_spreadsMatt Corkery
 
Presentacion Plan de Unidad
Presentacion Plan de UnidadPresentacion Plan de Unidad
Presentacion Plan de Unidadivannia arias
 
Rsgn 2128-2014-minedu
Rsgn 2128-2014-mineduRsgn 2128-2014-minedu
Rsgn 2128-2014-mineduLuis Venero
 
Inc29 13-i
Inc29 13-iInc29 13-i
Inc29 13-iTomás Calderón
 
Reports on Fairness aware and privacy preserving friend matching protocol in ...
Reports on Fairness aware and privacy preserving friend matching protocol in ...Reports on Fairness aware and privacy preserving friend matching protocol in ...
Reports on Fairness aware and privacy preserving friend matching protocol in ...Shailesh kumar
 
E Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best Practices
E Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best PracticesE Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best Practices
E Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best PracticesDan York
 
Ethical hacking by chandra prakash upadhyay
Ethical hacking by chandra prakash upadhyayEthical hacking by chandra prakash upadhyay
Ethical hacking by chandra prakash upadhyayChandra Prakash
 
Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011
Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011
Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011shawn_merdinger
 
Information Security - A Discussion
Information Security - A DiscussionInformation Security - A Discussion
Information Security - A DiscussionKaushik Patra
 

More Related Content

Viewers also liked

Programa. Foro para la igualdad 2014 - octubre
Programa. Foro para la igualdad 2014 - octubrePrograma. Foro para la igualdad 2014 - octubre
Programa. Foro para la igualdad 2014 - octubreIrekia - EJGV
 
Open source enterprise search and retrieval platform
Open source enterprise search and retrieval platformOpen source enterprise search and retrieval platform
Open source enterprise search and retrieval platformmteutelink
 
Rafael Carranza: La Batalla de Yungay. 1939.
Rafael Carranza: La Batalla de Yungay. 1939.Rafael Carranza: La Batalla de Yungay. 1939.
Rafael Carranza: La Batalla de Yungay. 1939.Jhonny Antelo Films
 
54. Euskal Soziometroa -Bakea eta Bizikidetza / Sociometro Vasco 54 -Paz y Co...
54. Euskal Soziometroa -Bakea eta Bizikidetza / Sociometro Vasco 54 -Paz y Co...54. Euskal Soziometroa -Bakea eta Bizikidetza / Sociometro Vasco 54 -Paz y Co...
54. Euskal Soziometroa -Bakea eta Bizikidetza / Sociometro Vasco 54 -Paz y Co...Irekia - EJGV
 
Edisi nasional1710
Edisi nasional1710Edisi nasional1710
Edisi nasional1710epaperwol
 
Sommerbuchtipps Ihrer Buchhandlung - Nordbuch Marketing
Sommerbuchtipps Ihrer Buchhandlung - Nordbuch MarketingSommerbuchtipps Ihrer Buchhandlung - Nordbuch Marketing
Sommerbuchtipps Ihrer Buchhandlung - Nordbuch MarketingNordbuch-Marketing
 
Guidebook+for+erasmus.doc
Guidebook+for+erasmus.docGuidebook+for+erasmus.doc
Guidebook+for+erasmus.docL. Delgado
 
Sobre el planeta del principito
Sobre el planeta del principitoSobre el planeta del principito
Sobre el planeta del principitoCRA LUMPIAQUE
 
fiesta del albariño maria sofia sp
fiesta del albariño maria sofia spfiesta del albariño maria sofia sp
fiesta del albariño maria sofia spPatricia Conde
 
HorizonsVol20Iss1_Online_spreads
HorizonsVol20Iss1_Online_spreadsHorizonsVol20Iss1_Online_spreads
HorizonsVol20Iss1_Online_spreadsMatt Corkery
 
Presentacion Plan de Unidad
Presentacion Plan de UnidadPresentacion Plan de Unidad
Presentacion Plan de Unidadivannia arias
 
Rsgn 2128-2014-minedu
Rsgn 2128-2014-mineduRsgn 2128-2014-minedu
Rsgn 2128-2014-mineduLuis Venero
 
Reports on Fairness aware and privacy preserving friend matching protocol in ...
Reports on Fairness aware and privacy preserving friend matching protocol in ...Reports on Fairness aware and privacy preserving friend matching protocol in ...
Reports on Fairness aware and privacy preserving friend matching protocol in ...Shailesh kumar
 

Viewers also liked (18)

Historia infor iri
Historia infor iriHistoria infor iri
Historia infor iri
 
Programa. Foro para la igualdad 2014 - octubre
Programa. Foro para la igualdad 2014 - octubrePrograma. Foro para la igualdad 2014 - octubre
Programa. Foro para la igualdad 2014 - octubre
 
Open source enterprise search and retrieval platform
Open source enterprise search and retrieval platformOpen source enterprise search and retrieval platform
Open source enterprise search and retrieval platform
 
Oscar david toro
Oscar david toroOscar david toro
Oscar david toro
 
Rafael Carranza: La Batalla de Yungay. 1939.
Rafael Carranza: La Batalla de Yungay. 1939.Rafael Carranza: La Batalla de Yungay. 1939.
Rafael Carranza: La Batalla de Yungay. 1939.
 
54. Euskal Soziometroa -Bakea eta Bizikidetza / Sociometro Vasco 54 -Paz y Co...
54. Euskal Soziometroa -Bakea eta Bizikidetza / Sociometro Vasco 54 -Paz y Co...54. Euskal Soziometroa -Bakea eta Bizikidetza / Sociometro Vasco 54 -Paz y Co...
54. Euskal Soziometroa -Bakea eta Bizikidetza / Sociometro Vasco 54 -Paz y Co...
 
Precios reducidos
Precios reducidos Precios reducidos
Precios reducidos
 
Edisi nasional1710
Edisi nasional1710Edisi nasional1710
Edisi nasional1710
 
Quién da mas
Quién da masQuién da mas
Quién da mas
 
Sommerbuchtipps Ihrer Buchhandlung - Nordbuch Marketing
Sommerbuchtipps Ihrer Buchhandlung - Nordbuch MarketingSommerbuchtipps Ihrer Buchhandlung - Nordbuch Marketing
Sommerbuchtipps Ihrer Buchhandlung - Nordbuch Marketing
 
Guidebook+for+erasmus.doc
Guidebook+for+erasmus.docGuidebook+for+erasmus.doc
Guidebook+for+erasmus.doc
 
Sobre el planeta del principito
Sobre el planeta del principitoSobre el planeta del principito
Sobre el planeta del principito
 
fiesta del albariño maria sofia sp
fiesta del albariño maria sofia spfiesta del albariño maria sofia sp
fiesta del albariño maria sofia sp
 
HorizonsVol20Iss1_Online_spreads
HorizonsVol20Iss1_Online_spreadsHorizonsVol20Iss1_Online_spreads
HorizonsVol20Iss1_Online_spreads
 
Presentacion Plan de Unidad
Presentacion Plan de UnidadPresentacion Plan de Unidad
Presentacion Plan de Unidad
 
Rsgn 2128-2014-minedu
Rsgn 2128-2014-mineduRsgn 2128-2014-minedu
Rsgn 2128-2014-minedu
 
Inc29 13-i
Inc29 13-iInc29 13-i
Inc29 13-i
 
Reports on Fairness aware and privacy preserving friend matching protocol in ...
Reports on Fairness aware and privacy preserving friend matching protocol in ...Reports on Fairness aware and privacy preserving friend matching protocol in ...
Reports on Fairness aware and privacy preserving friend matching protocol in ...
 

Similar to Black Bag VoIP Security Review Emerging Telephony 2007

E Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best Practices
E Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best PracticesE Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best Practices
E Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best PracticesDan York
 
Ethical hacking by chandra prakash upadhyay
Ethical hacking by chandra prakash upadhyayEthical hacking by chandra prakash upadhyay
Ethical hacking by chandra prakash upadhyayChandra Prakash
 
Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011
Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011
Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011shawn_merdinger
 
Information Security - A Discussion
Information Security - A DiscussionInformation Security - A Discussion
Information Security - A DiscussionKaushik Patra
 
Top Five Internal Security Vulnerabilities
Top Five Internal Security VulnerabilitiesTop Five Internal Security Vulnerabilities
Top Five Internal Security VulnerabilitiesPeter Wood
 
Presence and the Real-Time Internet
Presence and the Real-Time InternetPresence and the Real-Time Internet
Presence and the Real-Time Internetstpeter
 
It’s time to boost VoIP network security
It’s time to boost VoIP network securityIt’s time to boost VoIP network security
It’s time to boost VoIP network securityBev Robb
 
Deconstructing Presence
Deconstructing PresenceDeconstructing Presence
Deconstructing PresencePhil Wolff
 
Dave Troy's Presentation at eComm 2008
Dave Troy's Presentation at eComm 2008Dave Troy's Presentation at eComm 2008
Dave Troy's Presentation at eComm 2008eComm2008
 
Protect your IPPBX against VOIP attacks
Protect your IPPBX against VOIP attacksProtect your IPPBX against VOIP attacks
Protect your IPPBX against VOIP attacksRohan Fernandes
 
It security &_ethical_hacking
It security &_ethical_hackingIt security &_ethical_hacking
It security &_ethical_hackingsatish kumar
 
Technology Safety Practices
Technology Safety PracticesTechnology Safety Practices
Technology Safety PracticesShireen Mitchell
 
VoIP Security 101 what you need to know
VoIP Security 101 what you need to knowVoIP Security 101 what you need to know
VoIP Security 101 what you need to knowEric Klein
 
Network Security
Network SecurityNetwork Security
Network Securityhj43us
 
Lecture about network and host security to NII students
Lecture about network and host security to NII studentsLecture about network and host security to NII students
Lecture about network and host security to NII studentsAkiumi Hasegawa
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9Geoff Pesimo
 
Emerging Threats to Infrastructure
Emerging Threats to InfrastructureEmerging Threats to Infrastructure
Emerging Threats to InfrastructureJorge Orchilles
 

Similar to Black Bag VoIP Security Review Emerging Telephony 2007 (20)

E Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best Practices
E Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best PracticesE Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best Practices
E Tel2007 Black Bag Session - VoIP Security Threats, Tools and Best Practices
 
Ethical hacking by chandra prakash upadhyay
Ethical hacking by chandra prakash upadhyayEthical hacking by chandra prakash upadhyay
Ethical hacking by chandra prakash upadhyay
 
Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011
Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011
Weaponizing the Nokia N900 -- TakeDownCon, Dallas, 2011
 
Information Security - A Discussion
Information Security - A DiscussionInformation Security - A Discussion
Information Security - A Discussion
 
Top Five Internal Security Vulnerabilities
Top Five Internal Security VulnerabilitiesTop Five Internal Security Vulnerabilities
Top Five Internal Security Vulnerabilities
 
Amy mania - Put Words In My Mouth - DC2711 2019
Amy mania - Put Words In My Mouth - DC2711 2019Amy mania - Put Words In My Mouth - DC2711 2019
Amy mania - Put Words In My Mouth - DC2711 2019
 
Presence and the Real-Time Internet
Presence and the Real-Time InternetPresence and the Real-Time Internet
Presence and the Real-Time Internet
 
It’s time to boost VoIP network security
It’s time to boost VoIP network securityIt’s time to boost VoIP network security
It’s time to boost VoIP network security
 
Deconstructing Presence
Deconstructing PresenceDeconstructing Presence
Deconstructing Presence
 
Dave Troy's Presentation at eComm 2008
Dave Troy's Presentation at eComm 2008Dave Troy's Presentation at eComm 2008
Dave Troy's Presentation at eComm 2008
 
Protect your IPPBX against VOIP attacks
Protect your IPPBX against VOIP attacksProtect your IPPBX against VOIP attacks
Protect your IPPBX against VOIP attacks
 
Core Values Decision Sept
Core Values Decision SeptCore Values Decision Sept
Core Values Decision Sept
 
It security &_ethical_hacking
It security &_ethical_hackingIt security &_ethical_hacking
It security &_ethical_hacking
 
Technology Safety Practices
Technology Safety PracticesTechnology Safety Practices
Technology Safety Practices
 
VoIP Security 101 what you need to know
VoIP Security 101 what you need to knowVoIP Security 101 what you need to know
VoIP Security 101 what you need to know
 
Network Security
Network SecurityNetwork Security
Network Security
 
Cybercrime and IT ACT
Cybercrime and IT ACTCybercrime and IT ACT
Cybercrime and IT ACT
 
Lecture about network and host security to NII students
Lecture about network and host security to NII studentsLecture about network and host security to NII students
Lecture about network and host security to NII students
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9
 
Emerging Threats to Infrastructure
Emerging Threats to InfrastructureEmerging Threats to Infrastructure
Emerging Threats to Infrastructure
 

More from Dan York

Yes, IPv6 is Real! How To Make Your Apps Work (And Be As Fast As Possible)
Yes, IPv6 is Real! How To Make Your Apps Work (And Be As Fast As Possible) Yes, IPv6 is Real! How To Make Your Apps Work (And Be As Fast As Possible)
Yes, IPv6 is Real! How To Make Your Apps Work (And Be As Fast As Possible) Dan York
 
SIPNOC 2014 - Is It Time For TLS for SIP?
SIPNOC 2014 - Is It Time For TLS for SIP?SIPNOC 2014 - Is It Time For TLS for SIP?
SIPNOC 2014 - Is It Time For TLS for SIP?Dan York
 
A Choice Of Internet Futures: Will Nonprofits Be Stuck In The Slow Lane?
A Choice Of Internet Futures: Will Nonprofits Be Stuck In The Slow Lane?A Choice Of Internet Futures: Will Nonprofits Be Stuck In The Slow Lane?
A Choice Of Internet Futures: Will Nonprofits Be Stuck In The Slow Lane?Dan York
 
Open Source and The Global Disruption Of Telecom: What Choices Will We Make?
Open Source and The Global Disruption Of Telecom: What Choices Will We Make?Open Source and The Global Disruption Of Telecom: What Choices Will We Make?
Open Source and The Global Disruption Of Telecom: What Choices Will We Make?Dan York
 
DNS / DNSSEC / DANE / DPRIVE Results at IETF93 Hackathon
DNS / DNSSEC / DANE / DPRIVE Results at IETF93 HackathonDNS / DNSSEC / DANE / DPRIVE Results at IETF93 Hackathon
DNS / DNSSEC / DANE / DPRIVE Results at IETF93 HackathonDan York
 
Deploying New DNSSEC Algorithms (IEPG@IETF93 - July 2015)
Deploying New DNSSEC Algorithms (IEPG@IETF93 - July 2015)Deploying New DNSSEC Algorithms (IEPG@IETF93 - July 2015)
Deploying New DNSSEC Algorithms (IEPG@IETF93 - July 2015)Dan York
 
The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...
The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...
The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...Dan York
 
How IPv6 Will Kill Telecom - And What We Need To Do About It
How IPv6 Will Kill Telecom - And What We Need To Do About ItHow IPv6 Will Kill Telecom - And What We Need To Do About It
How IPv6 Will Kill Telecom - And What We Need To Do About ItDan York
 
SIP, Unified Communications (UC) and Security
SIP, Unified Communications (UC) and SecuritySIP, Unified Communications (UC) and Security
SIP, Unified Communications (UC) and SecurityDan York
 
ClueCon2009: The Security Saga of SysAdmin Steve
ClueCon2009: The Security Saga of SysAdmin SteveClueCon2009: The Security Saga of SysAdmin Steve
ClueCon2009: The Security Saga of SysAdmin SteveDan York
 
SIP Trunking & Security in an Enterprise Network
SIP Trunking & Security in an Enterprise NetworkSIP Trunking & Security in an Enterprise Network
SIP Trunking & Security in an Enterprise NetworkDan York
 
OSCON 2008: Mashing Up Voice and the Web Using Open Source and XML
OSCON 2008: Mashing Up Voice and the Web Using Open Source and XMLOSCON 2008: Mashing Up Voice and the Web Using Open Source and XML
OSCON 2008: Mashing Up Voice and the Web Using Open Source and XMLDan York
 
IP Telephony Security 101
IP Telephony Security 101IP Telephony Security 101
IP Telephony Security 101Dan York
 
Recording Remote Hosts/Interviews with VoIP/Skype
Recording Remote Hosts/Interviews with VoIP/SkypeRecording Remote Hosts/Interviews with VoIP/Skype
Recording Remote Hosts/Interviews with VoIP/SkypeDan York
 
Hacking and Attacking VoIP Systems - What You Need To Know
Hacking and Attacking VoIP Systems - What You Need To KnowHacking and Attacking VoIP Systems - What You Need To Know
Hacking and Attacking VoIP Systems - What You Need To KnowDan York
 
BLISS Problem Statement and Motivation
BLISS Problem Statement and MotivationBLISS Problem Statement and Motivation
BLISS Problem Statement and MotivationDan York
 

More from Dan York (16)

Yes, IPv6 is Real! How To Make Your Apps Work (And Be As Fast As Possible)
Yes, IPv6 is Real! How To Make Your Apps Work (And Be As Fast As Possible) Yes, IPv6 is Real! How To Make Your Apps Work (And Be As Fast As Possible)
Yes, IPv6 is Real! How To Make Your Apps Work (And Be As Fast As Possible)
 
SIPNOC 2014 - Is It Time For TLS for SIP?
SIPNOC 2014 - Is It Time For TLS for SIP?SIPNOC 2014 - Is It Time For TLS for SIP?
SIPNOC 2014 - Is It Time For TLS for SIP?
 
A Choice Of Internet Futures: Will Nonprofits Be Stuck In The Slow Lane?
A Choice Of Internet Futures: Will Nonprofits Be Stuck In The Slow Lane?A Choice Of Internet Futures: Will Nonprofits Be Stuck In The Slow Lane?
A Choice Of Internet Futures: Will Nonprofits Be Stuck In The Slow Lane?
 
Open Source and The Global Disruption Of Telecom: What Choices Will We Make?
Open Source and The Global Disruption Of Telecom: What Choices Will We Make?Open Source and The Global Disruption Of Telecom: What Choices Will We Make?
Open Source and The Global Disruption Of Telecom: What Choices Will We Make?
 
DNS / DNSSEC / DANE / DPRIVE Results at IETF93 Hackathon
DNS / DNSSEC / DANE / DPRIVE Results at IETF93 HackathonDNS / DNSSEC / DANE / DPRIVE Results at IETF93 Hackathon
DNS / DNSSEC / DANE / DPRIVE Results at IETF93 Hackathon
 
Deploying New DNSSEC Algorithms (IEPG@IETF93 - July 2015)
Deploying New DNSSEC Algorithms (IEPG@IETF93 - July 2015)Deploying New DNSSEC Algorithms (IEPG@IETF93 - July 2015)
Deploying New DNSSEC Algorithms (IEPG@IETF93 - July 2015)
 
The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...
The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...
The State of VoIP Security, a.k.a. “Does Anyone Really Give A _____ About VoI...
 
How IPv6 Will Kill Telecom - And What We Need To Do About It
How IPv6 Will Kill Telecom - And What We Need To Do About ItHow IPv6 Will Kill Telecom - And What We Need To Do About It
How IPv6 Will Kill Telecom - And What We Need To Do About It
 
SIP, Unified Communications (UC) and Security
SIP, Unified Communications (UC) and SecuritySIP, Unified Communications (UC) and Security
SIP, Unified Communications (UC) and Security
 
ClueCon2009: The Security Saga of SysAdmin Steve
ClueCon2009: The Security Saga of SysAdmin SteveClueCon2009: The Security Saga of SysAdmin Steve
ClueCon2009: The Security Saga of SysAdmin Steve
 
SIP Trunking & Security in an Enterprise Network
SIP Trunking & Security in an Enterprise NetworkSIP Trunking & Security in an Enterprise Network
SIP Trunking & Security in an Enterprise Network
 
OSCON 2008: Mashing Up Voice and the Web Using Open Source and XML
OSCON 2008: Mashing Up Voice and the Web Using Open Source and XMLOSCON 2008: Mashing Up Voice and the Web Using Open Source and XML
OSCON 2008: Mashing Up Voice and the Web Using Open Source and XML
 
IP Telephony Security 101
IP Telephony Security 101IP Telephony Security 101
IP Telephony Security 101
 
Recording Remote Hosts/Interviews with VoIP/Skype
Recording Remote Hosts/Interviews with VoIP/SkypeRecording Remote Hosts/Interviews with VoIP/Skype
Recording Remote Hosts/Interviews with VoIP/Skype
 
Hacking and Attacking VoIP Systems - What You Need To Know
Hacking and Attacking VoIP Systems - What You Need To KnowHacking and Attacking VoIP Systems - What You Need To Know
Hacking and Attacking VoIP Systems - What You Need To Know
 
BLISS Problem Statement and Motivation
BLISS Problem Statement and MotivationBLISS Problem Statement and Motivation
BLISS Problem Statement and Motivation
 

Recently uploaded

Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 

Recently uploaded (20)

Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 

Black Bag VoIP Security Review Emerging Telephony 2007