SIP Trunking & Security in an Enterprise Network

8,809 views

Published on

How secure are your VoIP systems as you deploy SIP-based systems in an enterprise environment? In this slide deck presented by VOIPSA Best Practices Chair Dan York at the Ingate SIP Trunking Seminars at ITEXPO September 17, 2008, Dan York walks through the security issues related to VoIP (with a focus on SIP trunking), the tools out there to attack/test VoIP systems, best practices and resources. (An audio recording of this session was made and will be available.)

Published in: Technology, Business
1 Comment
9 Likes
Statistics
Notes
No Downloads
Views
Total views
8,809
On SlideShare
0
From Embeds
0
Number of Embeds
498
Actions
Shares
0
Downloads
446
Comments
1
Likes
9
Embeds 0
No embeds

No notes for slide

SIP Trunking & Security in an Enterprise Network

  1. 1. SIP Trunking & Security in an Enterprise Network Dan York, CISSP VOIPSA Best Practices Chair September 17, 2008
  2. 2. © 2008 VOIPSA and Owners as Marked
  3. 3. Privacy Availability Compliance Confidence Mobility Cost Avoidance Business Continuity © 2008 VOIPSA and Owners as Marked
  4. 4. © 2008 VOIPSA and Owners as Marked
  5. 5. © 2008 VOIPSA and Owners as Marked
  6. 6. © 2008 VOIPSA and Owners as Marked
  7. 7. © 2008 VOIPSA and Owners as Marked
  8. 8. TDM security is relatively simple... PSTN Gateways TDM Switch Physical Voicemail Wiring © 2008 VOIPSA and Owners as Marked
  9. 9. VoIP security is more complex Operating Desktop PSTN E-mail Systems PCs Gateways Systems Network Web Firewalls Switches Servers Standards Voice over PDAs Wireless Instant IP Devices Messaging Directories Internet Databases Physical Voicemail Wiring © 2008 VOIPSA and Owners as Marked
  10. 10. VoIP can be more secure than the PSTN if it is properly deployed. © 2008 VOIPSA and Owners as Marked
  11. 11. VoIP Security Concerns
  12. 12. Security concerns in telephony are not new… Image courtesy of the Computer History Museum © 2008 VOIPSA and Owners as Marked
  13. 13. Nor are our attempts to protect against threats… Image courtesy of Mike Sandman – http://www.sandman.com/ © 2008 VOIPSA and Owners as Marked
  14. 14. Security Aspects of IP Telephony Media / Voice Manage TCP/IP Call ment Network Control PSTN Policy © 2008 VOIPSA and Owners as Marked
  15. 15. Media Eavesdropping Degraded Voice Quality Encryption Virtual LANs (VLANs) Packet Filtering © 2008 VOIPSA and Owners as Marked
  16. 16. Signaling Denial of Service Impersonation Toll Fraud Encryption Encrypted Phone Software Proper Programming © 2008 VOIPSA and Owners as Marked
  17. 17. Management Web Interfaces APIs! Phones! Encryption Change Default Passwords! Patches? We don’t need... © 2008 VOIPSA and Owners as Marked
  18. 18. PSTN © 2008 VOIPSA and Owners as Marked
  19. 19. Geography © 2008 VOIPSA and Owners as Marked
  20. 20. Internet LAN © 2008 VOIPSA and Owners as Marked
  21. 21. SIP Trunking
  22. 22. The Challenge of SIP Trunking PSTN SIP Service Provider Internet IP-PBX LAN © 2008 VOIPSA and Owners as Marked
  23. 23. SIP Trunking PSTN SIP Service Provider Carrier Network IP-PBX LAN © 2008 VOIPSA and Owners as Marked
  24. 24. The Challenge of SIP Trunking PSTN SIP Service Provider Internet IP-PBX LAN © 2008 VOIPSA and Owners as Marked
  25. 25. SIP Trunking - Business Continuity PSTN SIP Service Provider SIP Service Internet Provider IP-PBX LAN © 2008 VOIPSA and Owners as Marked
  26. 26. SIP Trunking - Business Continuity PSTN SIP Service Provider SIP Service Internet Provider IP-PBX SIP Service LAN Provider © 2008 VOIPSA and Owners as Marked
  27. 27. Cloud Computing
  28. 28. Geography © 2008 VOIPSA and Owners as Marked
  29. 29. Moving Voice Applications into “the Cloud” Application Platform Internet / WAN IP-PBX LAN PSTN © 2008 VOIPSA and Owners as Marked
  30. 30. Moving Telephony into “the Cloud” Hosted “IP-PBX” Internet / WAN Firewall LAN PSTN © 2008 VOIPSA and Owners as Marked
  31. 31. Can you trust “the Cloud” to be there? © 2008 VOIPSA and Owners as Marked
  32. 32. Questions for SIP Trunk Providers or Cloud Computing Platforms? • What kind of availability guarantees / Service Level Agreements (SLAs) does the platform vendor provide? • What kind of geographic redundancy is built into the underlying network? • What kind of network redundancy is built into the underlying network? • What kind of physical redundancy is built into the data centers? • What kind of monitoring does the vendor perform? • What kind of scalability is in the cloud computing platform? • What kind of security, both network and physical, is part of the computing platform? • Finally, what will the vendor do if there is downtime? Will the downtime be reflected in your bill? © 2008 VOIPSA and Owners as Marked
  33. 33. Spam / SPIT
  34. 34. What about SPIT? (“SPam over Internet Telephony”) • What does a traditional telemarketer need? • Makes for great headlines, but not yet a significant threat • Fear is script/tool that: – Iterates through calling SIP addresses: • 111@sip.company.com, 112@sip.company.com, … • Opens an audio stream if call is answered (by person or voicemail) – Steals VoIP credentials and uses account to make calls • Reality is that today such direct connections are generally not allowed • This will change as companies make greater use of SIP trunking and/or directly connect IP-PBX systems to the Internet (and allow incoming calls SPAM from any other IP endpoint) • Until that time, PSTN is de facto firewall © 2008 VOIPSA and Owners as Marked
  35. 35. Resources
  36. 36. What is the Industry Doing to Help? Security Vendors VoIP Vendors “The Sky Is Falling!” “Don’t Worry, Trust Us!” (Buy our products!) (Buy our products!) © 2008 VOIPSA and Owners as Marked
  37. 37. Voice Over IP Security Alliance (VOIPSA) • www.voipsa.org – 100 members from VoIP and security industries • VOIPSEC mailing list – www.voipsa.org/VOIPSEC/ • “Voice of VOIPSA” Blog – www.voipsa.org/blog • Blue Box: The VoIP Security Podcast – www.blueboxpodcast.com • VoIP Security Threat Taxonomy • Best Practices Project underway now Security Research Market and Social Classification Best Practices Outreach Objectives and Taxonomy of for VoIP Communication Constraints Security Threats Security of Findings Security System Testing LEGEND Published Active Now Ongoing © 2008 VOIPSA and Owners as Marked
  38. 38. www.voipsa.org/Resources/tools.php © 2008 VOIPSA and Owners as Marked
  39. 39. © 2008 VOIPSA and Owners as Marked
  40. 40. Tools, tools, tools... • UDP Flooder • Asteroid • IAX Flooder • enumIAX • IAX Enumerator • iWar • ohrwurm RTP Fuzzer • StegRTP • RTP Flooder • VoiPong • INVITE Flooder • Web Interface for SIP Trace • AuthTool • SIPScan • BYE Teardown • SIPCrack • Redirect Poison • SiVuS • Registration Hijacker • SIPVicious Tool Suite • Registration Eraser • SIPBomber • RTP InsertSound • SIPsak • RTP MixSound • SIP bot • SPITTER © 2008 VOIPSA and Owners as Marked
  41. 41. Security Links • VoIP Security Alliance - http://www.voipsa.org/ – Threat Taxonomy - http://www.voipsa.org/Activities/taxonomy.php – VOIPSEC email list - http://www.voipsa.org/VOIPSEC/ – Weblog - http://www.voipsa.org/blog/ – Security Tools list - http://www.voipsa.org/Resources/tools.php – Blue Box: The VoIP Security Podcast - http://www.blueboxpodcast.com • NIST SP800-58, “Security Considerations for VoIP Systems” – http://csrc.nist.gov/publications/nistpubs/800-58/SP800-58-final.pdf • Network Security Tools – http://sectools.org/ • Hacking Exposed VoIP site and tools – http://www.hackingvoip.com/ © 2008 VOIPSA and Owners as Marked
  42. 42. VoIP can be more secure than the PSTN if it is properly deployed. © 2008 VOIPSA and Owners as Marked
  43. 43. Q&eh? www.voipsa.org Dan York - dyork@voxeo.com

×