InfoSec & VoIP
Switching Laboratory




                       Jesús Pérez Rubio
                    jesus.perez@quobis.com
                          @jesusprubio
                          25/09/2012

                   http://www.quobis.com
Contents


- VoIP fraud examples

- VoIP threats "in the wild"

- VoIP & DoS (flood)

- Demo: Metasploit SIPflood module

- Countermeasures

- Exercise notes
VoIP fraud examples (I)

- 1 month -> 60.000 $
- 1/2 day -> 23.000 min. -> 15.000 euros
- 46 h. -> 11.000 calls -> 120.000 $
- 500.000 calls -> 1.000.000 $
...

- http://shadowcommunications.co.uk/ (Offline)
   - 1.500.000 calls
   - 11.000.000 euros
   - 42 individuals
VoIP fraud examples (II)
VoIP threats "in the wild"

- NO eavesdropping, password cracking, etc. (this time)
     -> Encryption

- Extension/password brute-force

- INVITE attack

- Default web panel passwords

- DoS/DDoS flood
Extension/password brute-force (I)
Extension/password brute-force (II)
INVITE attack




sip:+442032988741
sip:+000442032988741@XX.YY.ZZ.189
sip:1442032988742@XX.YY.ZZ.189

- INVITE authentication -> Kamailio WIN!
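
Added example (not part of the original slides): the three Request-URIs above reach almost the same number behind different dial prefixes. This detector, which complements INVITE authentication, flags a source that tries one number core behind several prefixes. The log format, the IP addresses and the thresholds are assumptions.

```python
import re
from collections import defaultdict
from difflib import SequenceMatcher

# Constructed log lines ("<source IP> <SIP request line>"); the format is an
# assumption. The user parts dialed by 203.0.113.10 are the ones on the slide.
SAMPLE_LOG = """\
203.0.113.10 INVITE sip:+442032988741@XX.YY.ZZ.189 SIP/2.0
198.51.100.7 INVITE sip:+34986000001@XX.YY.ZZ.189 SIP/2.0
203.0.113.10 INVITE sip:+000442032988741@XX.YY.ZZ.189 SIP/2.0
198.51.100.7 INVITE sip:+34986000002@XX.YY.ZZ.189 SIP/2.0
203.0.113.10 INVITE sip:1442032988742@XX.YY.ZZ.189 SIP/2.0
198.51.100.8 INVITE sip:1001@XX.YY.ZZ.189 SIP/2.0
198.51.100.8 REGISTER sip:XX.YY.ZZ.189 SIP/2.0
"""

# Source address, then an INVITE whose user part is a (possibly +-prefixed) number.
INVITE_RE = re.compile(r"^(\S+)\s+INVITE\s+sip:(\+?\d+)(?:@\S+)?\s")


def common_core(rep, other):
    """Length of the longest run shared by two dialed strings, and what each
    string puts in front of that run (its dial prefix)."""
    m = SequenceMatcher(None, rep, other, autojunk=False).find_longest_match(
        0, len(rep), 0, len(other))
    return m.size, rep[:m.a], other[:m.b]


def find_prefix_probing(lines, min_core=8, min_variants=3):
    """Return [(source, sorted prefixes)] for every source that dials one
    number core behind at least `min_variants` different prefixes."""
    # source -> clusters; a cluster is the first dialed string seen ("rep")
    # plus the prefix each related dialed string puts before the shared core.
    clusters = defaultdict(list)
    for line in lines:
        m = INVITE_RE.match(line)
        if not m:
            continue  # not an INVITE, or a non-numeric target
        src, dialed = m.groups()
        for cluster in clusters[src]:
            if dialed == cluster["rep"] or dialed in cluster["prefix_of"]:
                break  # exact repeat of a string already seen
            size, rep_prefix, prefix = common_core(cluster["rep"], dialed)
            if size >= min_core:
                cluster["prefix_of"].setdefault(cluster["rep"], rep_prefix)
                cluster["prefix_of"][dialed] = prefix
                break
        else:
            clusters[src].append({"rep": dialed, "prefix_of": {}})

    findings = []
    for src, src_clusters in clusters.items():
        for cluster in src_clusters:
            # Neighbouring numbers dialed the same way share one prefix, so
            # only a spread of *different* prefixes counts as probing.
            prefixes = sorted(set(cluster["prefix_of"].values()))
            if len(prefixes) >= min_variants:
                findings.append((src, prefixes))
    return findings


if __name__ == "__main__":
    for src, prefixes in find_prefix_probing(SAMPLE_LOG.splitlines()):
        print(f"{src}: same number core tried behind prefixes {prefixes}")
```

Counting distinct prefixes rather than similar numbers keeps a caller who dials two adjacent numbers in the same format from being flagged.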
Default web panel passwords (I)
Default web panel passwords (II)
Default web panel passwords (III)
DoS

- DoS (Denial of service)

- Types:
   - Communication interruption
   - Malformed packets (Teardrop)
   - Physical destruction
   - Flood
   - DDoS

- Tools: LOIC, Hulk, Aircrack-ng, Exploit-DB
DoS (Impact)
VoIP & DoS


- Impact! vs. (web application)
   - Application layer -> Increase performance

- SIP proxy vs. PBX

- Tools:
   - Malformed packets:
      - Fuzzing (Voiper)
   - Flood:
      - Sipvicious
      - udpflood, inviteflood, rtpflood, iaxflooder
      - SIPp
   - Problems:
     - Old
     - Diversity of languages -> Complex use/customize
     - Lack of report generation mechanism
SIPflood (REGISTER)
SIPflood (INVITE)
SIPflood_tcp (INVITE)
SIPflood_DDoS (INVITE)
Countermeasures


- General
   - Firewall
   - Secure passwords
   - Upgrades

- Specific:
   - Monitoring
   - Fail2ban
   - ?¿ module (Kamailio)
   - IDS/IPS (Snort/Prelude)
   - Session Border Controller (SBC)
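
Added example (not part of the original slides, and not Fail2ban or Kamailio code): a per-source sliding-window monitor that issues time-limited bans for the two threats named earlier, flooding and extension/password brute-force. The event format, the addresses and all thresholds are assumptions.

```python
from collections import defaultdict, deque, namedtuple

# One proxy transaction: time (s), source IP, method, target extension, final status.
# This record layout is hypothetical; map your own proxy log fields onto it.
Event = namedtuple("Event", "ts src method user status")

AUTH_FAILURES = {401, 403, 404, 407}


class SipGuard:
    """Window / threshold / ban-time logic, applied per source address."""

    def __init__(self, window=10.0, max_requests=50, max_failed_users=5, ban_time=600.0):
        self.window = window
        self.max_requests = max_requests
        self.max_failed_users = max_failed_users
        self.ban_time = ban_time
        self._hits = defaultdict(deque)     # src -> request timestamps
        self._failed = defaultdict(deque)   # src -> (timestamp, extension)
        self.banned = {}                    # src -> (banned until, reason)

    def feed(self, ev):
        """Return the reason when this event triggers a new ban, else None."""
        until, _ = self.banned.get(ev.src, (0.0, ""))
        if ev.ts < until:
            return None  # already banned: the firewall would be dropping this
        hits, failed = self._hits[ev.src], self._failed[ev.src]
        hits.append(ev.ts)
        if ev.status in AUTH_FAILURES:
            failed.append((ev.ts, ev.user))
        horizon = ev.ts - self.window
        while hits and hits[0] <= horizon:
            hits.popleft()
        while failed and failed[0][0] <= horizon:
            failed.popleft()

        reason = None
        if len(hits) > self.max_requests:
            reason = "flood"
        # A normal phone gets a 401 challenge on every REGISTER, so raw 401
        # counts are useless; failures across many extensions are the signal.
        elif len({user for _, user in failed}) > self.max_failed_users:
            reason = "bruteforce"
        if reason:
            self.banned[ev.src] = (ev.ts + self.ban_time, reason)
            hits.clear()
            failed.clear()
        return reason


def build_sample():
    """Constructed traffic: one legitimate phone and two abusive sources."""
    events = []
    for i in range(12):   # phone re-registering: challenge, then success
        events.append(Event(5.0 * i, "198.51.100.20", "REGISTER", "200", 401))
        events.append(Event(5.0 * i + 0.1, "198.51.100.20", "REGISTER", "200", 200))
    for i in range(30):   # source walking extensions 100..129
        events.append(Event(0.5 * i, "203.0.113.5", "REGISTER", str(100 + i), 404))
    for i in range(200):  # source sending 100 INVITEs per second
        events.append(Event(20.0 + 0.01 * i, "203.0.113.9", "INVITE", "200", 407))
    return sorted(events, key=lambda e: e.ts)


def replay(events, guard=None):
    """Feed events in time order and return {source: ban reason}."""
    guard = guard or SipGuard()
    bans = {}
    for ev in events:
        reason = guard.feed(ev)
        if reason:
            bans[ev.src] = reason
    return bans


if __name__ == "__main__":
    for src, reason in replay(build_sample()).items():
        print(f"ban {src}: {reason}")
```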
References

- http://blog.sipvicious.org/2010/12/11-million-euro-loss-in-voip-fraud-and.html
- http://www.securitybydefault.com/2012/03/desarrollando-para-metasploit-ii.html
- http://code.google.com/p/metasploit/source/browse/sip/sipflood.rb
- http://kb.asipto.com/kamailio:usage:k31-sip-scanning-attack
- http://saghul.net/blog/2010/06/17/deteniendo-un-sip-flood-con-opensips-y-el-modulo-pike/
- http://www.kamailio.org/docs/modules/1.4.x/pike.html
- http://kamailio.org/docs/modules/devel/modules/pipelimit.html
- http://kamailio.org/docs/modules/1.4.x/ratelimit.html
- http://nicerosniunos.blogspot.com.es/2011/09/voip-information-gathering-metasploit.html
- http://nicerosniunos.blogspot.com.es/2012/07/bruteforcing-sip-extensions-with.html
- http://code.google.com/p/sipvicious/w/list
- http://blog.sipvicious.org/
- http://blog.pepelux.org/2012/02/15/asterisk-invite-attack/
- http://www.hackingvoip.com/
- http://www.offensive-security.com/metasploit-unleashed/Main_Page
- http://www.securitybydefault.com/2012/09/riesgos-reales-en-voip.html
- http://www.backtrack-linux.org/
Exercise notes

- Option 3: you will configure Kamailio for Drake Island. This island has been a
pirate refuge for centuries. The tradition survives, and nowadays the island has the
world's highest cracker rate per km2. Last year we used the SIPVicious toolkit to test
the security of our Kamailio server. Though simple, it is quite powerful, but the hacker
community's skills improve day after day, so you must use more powerful tools. That is
why this year we will use the Metasploit modules implemented by our colleague
jesus.perez@quobis.com to simulate DoS, DDoS and extension brute-force attacks. Your
challenge in the practice option will be to implement as many attacks and security
methods as you can. The security of this operator is in your hands. The international
prefix assigned for Drake Island is: 001788[6-7]

- References

- Any useful (not exposed) generic attack/countermeasure accepted

- Metasploit SIP scan module (options.rb) bug -> SIPVicious accepted

   DEFENSE!! 1 attack vector -> 1 defense mechanism
?
       Pol. A Granxa P.260
      36400 Porriño (Spain)
      Tlf. +34 902 999 465
      SIP://sip.quobis.com

    http://www.quobis.com
