Be the first to like this
Unified Communications (UC) is widely used by larger organisations for video conferences, office collaboration, cloud services and mobile communications. These services also have key roles in the IP Multimedia Subsystem (IMS) implementations of next generation mobile networks. As a result of these, customers require unified collaboration; and the telecommunications industry offers managed communications services and infrastructure using UC and IMS technologies. These offerings also come with design issues, well-known security vulnerabilities and legacy services.
Security testing of communication networks, however, is underestimated, and mostly under-scoped. Due to the lack of time and resources, the results of the security tests are only providing a security illusion. On the other hand, the advanced VoIP and UC attacks can be much faster and efficient with a proper methodology used. Therefore, this talk aims to improve the testing skills of the assurance teams for better penetration testing results. The theme of the talk is on transferring the VoIP and UC knowledge from a phreak to penetration testers. This will be performed through practical attack demonstrations, testing tips and automated actions.