Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

SIP, Unified Communications (UC) and Security

2,853 views

Published on

At the Ingate Systems SIP and Unified Communications Workshop in Los Angeles on October 4, 2010, Dan York gave this overview of the security issues facing unified communications systems and other VoIP systems based on the SIP protocol. He covered many of the topics discussed in his book, the "Seven Deadliest Unified Communications Attacks" - http://www.7ducattacks.com/

Published in: Technology
  • Be the first to comment

  • Be the first to like this

SIP, Unified Communications (UC) and Security

  1. 1. Dan York, CISSP VOIPSA Best Practices Chair October 4, 2010
  2. 2. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA andOwners as Marked
  3. 3. © 2010 VOIPSA and Owners as Marked PBX Voicemail Physical Wiring PSTN Gateways
  4. 4. © 2010 VOIPSA and Owners as Marked Physical Wiring IP Network IP-PBX Voicemail PSTN Gateways Mobile Devices IM Networks Web Servers Email Servers Desktop PCs Operating Systems Firewalls Internet Directory Servers VoIP CRM Systems Social Networks Database Servers Application Servers
  5. 5. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked
  6. 6. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked
  7. 7. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked
  8. 8. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked
  9. 9. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked Geography
  10. 10. © 2010 VOIPSA and Owners as Marked UC System Corp  HQ   InternetFirewal l Home Firewal l IP Phone PC Home  
  11. 11. © 2010 VOIPSA and Owners as Marked UC System Corp  HQ   InternetFirewall WiFi Café Router Mobile UC client Laptop UC client Mobile Data Network
  12. 12. © 2010 VOIPSA and Owners as Marked IM Corp  HQ   Corporate Network Presence Call Control IVR IM Office  A   Presence Call Control Voicemail IM Office  B   Presence Call Control PSTN Conferencing Internet
  13. 13. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked Internet LAN
  14. 14. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked Can you trust “the Cloud” to be there?
  15. 15. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked Carrier PSTN Carrier Carrier Carrier Carrier CarrierCarrier
  16. 16. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked ITSP PSTN ITSP ITSP ITSP ITSP ITSPITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP ITSP
  17. 17. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked
  18. 18. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked
  19. 19. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked
  20. 20. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked
  21. 21. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked
  22. 22. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked •  What does a traditional telemarketer need? •  Makes for great headlines, but not yet a significant threat •  Fear is script/tool that: – Iterates through calling SIP addresses: •  111@sip.company.com, 112@sip.company.com, … •  Opens an audio stream if call is answered (by person or voicemail) – Steals VoIP credentials and uses account to make calls •  Reality is that today such direct connections are generally not allowed •  This will change as companies make greater use of SIP trunking and/or directly connect IP-PBX systems to the Internet (and allow incoming calls from any other IP endpoint) •  Until that time, PSTN is de facto firewall SPAM
  23. 23. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked Security Vendors “The Sky Is Falling!” (Buy our products!) VoIP Vendors “Don’t Worry, Trust Us!” (Buy our products!)
  24. 24. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked Classification! Taxonomy of! Security Threats! Security! Research! Best Practices! for VoIP! Security! Security! System! Testing! Outreach! Communication! of Findings! Market and Social! Objectives and! Constraints! Published Active Now OngoingLEGEND •  www.voipsa.org – 100 members from VoIP and security industries •  VOIPSEC mailing list – www.voipsa.org/VOIPSEC/ •  “Voice of VOIPSA” Blog – www.voipsa.org/blog •  Blue Box: The VoIP Security Podcast – www.blueboxpodcast.com •  VoIP Security Threat Taxonomy •  Best Practices Project underway now
  25. 25. © 2010 VOIPSA and Owners as Marked www.voipsa.org/Resources/tools.php © 2010 VOIPSA and Owners as Marked
  26. 26. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked
  27. 27. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked •  VoIP Security Alliance - http://www.voipsa.org/ – Threat Taxonomy - http://www.voipsa.org/Activities/taxonomy.php – VOIPSEC email list - http://www.voipsa.org/VOIPSEC/ – Weblog - http://www.voipsa.org/blog/ – Security Tools list - http://www.voipsa.org/Resources/tools.php – Blue Box: The VoIP Security Podcast - http://www.blueboxpodcast.com •  NIST SP800-58, “Security Considerations for VoIP Systems” –  http://csrc.nist.gov/publications/nistpubs/800-58/SP800-58-final.pdf •  Network Security Tools –  http://sectools.org/ •  Hacking Exposed VoIP site and tools –  http://www.hackingvoip.com/ •  Seven Deadliest Unified Communications Attacks –  http://www.7ducattacks.com/
  28. 28. © 2010 VOIPSA and Owners as Marked© 2010 VOIPSA and Owners as Marked VoIP can be more secure than the PSTN if it is properly deployed.
  29. 29. www.voipsa.org Dan York - dan.york@voipsa.org

×