A Listener Among the Static: Christian Prescott Gabriel Fair Security and Voice over IP.

Slides:

Advertisements

Similar presentations

Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.

Advertisements

Voice Security Interop 2009 Mark D. Collier SecureLogix Corporation

Introducing VoIP Voice Over Internet Protocol. What is VoIP? Hardware and Software that enables users to use Internet as a transmission medium for telephone.

SIP Trunking A VASP Perspective Thomas Roel Convergence Sales Engineer

Addressing Security Issues IT Expo East Addressing Security Issues Unified Communications SIP Communications in a UC Environment.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Networking Academy Advanced Technology Update June 19, 2008.

INTRODUCTION TO COMPUTER NETWORKS Zeeshan Abbas. Introduction to Computer Networks INTRODUCTION TO COMPUTER NETWORKS.

EMERGING TOPICS IN DATA, APPLICATION AND INFRASTRUCTURE PROTECTION Taher Elgamal ITU

CANTO – 2006 Information Security and Voice over IP (VoIP) Robert Potvin, CISSP VP - Strategic Consulting June 21st, 2006.

BAI613 Module 2 - Voice over IP Technology. Module Objectives 1. Describe the benefits of IP Telephony/Packet Telephony/VoIP over traditional telephone.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Nicolas FISCHBACH Senior Manager, IP Engineering/Security - COLT Telecom - version 1.0 Voice over IP (VoIP)

1 MITP 458 : Information Security and Assurance VOIP Xeon Group Rohit Bhat Ryan Hannan Alan Mui Irfan Siddiqui.

Voice over the Internet Protocol (VoIP) Technologies… How to Select a Videoconferencing System for Your Agency Based on the Work of Watzlaf, V.M., Fahima,

A Hybrid and Cross-Protocol Architecture with Semantics and Syntax Awareness to Improve Intrusion Detection Efficiency in Voice over IP Environments Department.

1 Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture Conference ICS – Wireless Group Meeting Tempe, Arizona.

The study and demonstration on SIP security vulnerabilities Mahidhar Penigi Vamsi Krishna Karnati.

1 Copyright © 2005, Cisco Systems, Inc. All rights reserved. Applying Security Principles to Networking Applications Mark Enright Dec.

Solutions for SIP The SIP enabler We enable SIP communication for business What the E-SBC can do for you.

TeleWall, TeleSweep Secure, TeleAudit, TeleVPN, ETM, TeleView, TeleBridge, TeleIDS, TeleWall NET, SecureLogix, SecureLogix Corporation and the SecureLogix.

Voice Systems Security It’s not just about toll fraud anymore Chuck Dunbar Voice Systems Network Engineer Wells Fargo.

1 Chapter 19 Networks. 2 What’s Inside and on the CD? In this chapter you’ll learn: –Basic network terminology –To identify network components –About.

1 VOIP Network Threats Let the subscribers beware Gerard Wilkes October 24, 2006.

Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.

5/3/2006 tlpham VOIP/Security 1 Voice Over IP and Security By Thao L. Pham CS 525.

Secure Telephony Enabled Middle-box (STEM) Maggie Nguyen Dr. Mark Stamp SJSU - CS 265 Spring 2003 STEM is proposed as a solution to network vulnerabilities,

Rajeev Bevara CS-555 Security Threats in VoIP. What is VoIP ? ➔ VOIP - Voice Over Internet Protocol. ➔ Delivery of voice communications and multimedia.

October 6 University Faculty of Information Systems & Computer Science.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Data Centers and IP PBXs LAN Structures Private Clouds IP PBX Architecture IP PBX Hosting.

VoIP Security Sanjay Kalra Juniper Networks September 10-12, 2007 Los Angeles Convention Center Los Angeles, California 3 VoIP Issues.

Joel Maloff Phone.com February, 2012.

By: Christopher Henderson.  What is VoIP?  How is it being used?  VoIP’s main Security Threats.  Availability of Service  Integrity of Service 

Improving Customer Satisfaction Through Advances in Remote Management Technology Greg Michel Product Manager Quintum Technologies Inc.

IT Expo SECURITY Scott Beer Director, Product Support Ingate

Common Misconceptions Alan D. Percy Director of Market Development The Truth of Enterprise SIP Security.

Voice over IP Fundamentals M. Arvai NEC Senior Technical Eng. 1.

October 10-13, 2006 San Diego Convention Center, San Diego California Taking IP Security to the Next Level Real-time threat mitigation.

VOIP (Voice Over Internet Protocol) CDA 4527 Fall 2006.

Copyright Security-Assessment.com 2005 VoIP 2 Is free too Expensive? by Darren Bilby and Nick von Dadelszen.

Ingate & Dialogic Technical Presentation SIP Trunking Focused.

Communication System Design, KTH1 Security And Availability For Wireless Communication Organization Post & Telestyrelse : Anders Rafting Coach : Lars Adolfsson.

Agenda Voice Security Architecture VoIP Risk VoIP threats Service disruption Design Consideration Attacks.

VoIP security : Not an Afterthought. OVERVIEW What is VoIP? Difference between PSTN and VoIP. Why VoIP? VoIP Security threats Security concerns Design.

Copyright Security-Assessment.com 2004 Security-Assessment.com Hacking VoIP Is your Conversation confidential? by Nick von Dadelszen and Darren Bilby.

By Will Peeden.  Voice over Internet Protocol  A way to make phone calls over the internet.  A way to bypass the standard phone company and their charges.

Quintum Confidential and Proprietary 1 Quintum Technologies, Inc. Session Border Controller and VoIP Devices Behind Firewalls Tim Thornton, CTO.

VoIP Security in Service Provider Environment Bogdan Materna Chief Technology Officer Yariba Systems.

» Jun 9, 2003 Speaker Verification Secure AND Efficient, Deployments in Finance and Banking Jonathan Moav Director of Marketing

Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.

Critical Danger: An Introduction to Cross Site Scripting Attacks for People Who Do not Know what Cross Site Scripting Attacks Are.

Chapter 4 Application Level Security in Cellular Networks.

VoIP Applications for the Small Business

Enterprise-Class Telephony on Wireless LANs Tom Alexander CTO VeriWave, Inc.

SIP Trunking As a Managed Service Why an E-SBC Matters By: Alon Cohen, CTO Phone.com.

Microsoft ISA Server 2000 Presented by Ricardo Diaz Ryan Fansa.

Voice Over Internet Protocol (VoIP) Copyright © 2006 Heathkit Company, Inc. All Rights Reserved Presentation 1 – Introduction to VoIP.

IP telephony is revolutionizing communications. Enhanced services, efficiency increases, and of course, cheaper long- distance are all playing a part in.

“End to End VoIP“ The Challenges of VoIP Access to the Enterprise Charles Rutledge VP Marketing Quintum Technologies

Chapter 12: Secure Communications and Network Attacks.

Voice over IP. ECE 499VoIP2 Introduction Basics of VoIP Comparisons with current phone systems VoIP Protocols VoIP Issues Telephone Regulation Future.

SIP & How It Relates To YOUR Business. Jeff S. Olson Director of Marco Carrier Services David Bailey-Aldrich Technology.

WHAT IS SO SPECIAL? Wireless Router Analogue Telephone Adaptor + SMCWTVG.

Copyright 2013 FairPoint Communications Network safety and security – Protecting your communications resources Karen Romano, Vice President, Government.

By: Brett Belin. Used to be only tackled by highly trained professionals As the internet grew, more and more people became familiar with securing a network.

PABX Telecommunication System Suppliers in UAE

The study and demonstration on SIP security vulnerabilities

SECURING WIRELESS LANS WITH CERTIFICATE SERVICES

Networks and the Internet

Security Considerations for the Enterprise

Presentation transcript:

A Listener Among the Static: Christian Prescott Gabriel Fair Security and Voice over IP

About VOIP Security Threats Solutions Contents

About VOIP VoIP protocols have been in development since the early 1990s and have developed with technology to become more secure H.323 remains in use in many corporate VOIP networks Session Initiation Protocol is a widely implemented standard used in VoIP communications to setup and tear down phone calls Many consumer VoIP solutions do not support encryption, although having a secure phone is much easier to implement with VoIP than traditional phone lines, it still takes time, maintenance and money. As a result, it is relatively easy to eavesdrop on VoIP calls and even change content of the call

Threats VoIP deployments are vulnerable to the same internal and external threats that plague any enterprise data local area network (LAN) or Wide Area Network (WAN). Also vulnerable to all of the same threats as a standard phone line.

Threats Eavesdropping Authentication Security of logs Weak points in network architecture

Threats VoIP has strict performance requirements that make it very susceptible to DoS attacks Automated Telephony Denial of Service (TDoS) Socially Organized TDoS Social Engineering & Financial Fraud Toll Fraud

How VoIP makes Phising Easier VoIP is cheaper than PSTN and is now available anywhere with internet Caller ID can be easily spoofed and controlled Asterisk, the popular open source VoIP for PBXs is widely used and free VoIP in a box enables criminals to move operations to anywhere, even the local coffee shop or library

Questions?

Resources Thermos, Peter. "Examining Two Well-Known Attacks on VoIP." Web log post. CircleID. N.p., 5 Apr Web. 4 Dec United States of America. U.S. Department of Commerce. National Institute of Standards and Technology. Security Considerations for Voice over IP Systems. By D. R. Kuhn, Thomas J. Walsh, and Steffen Fries. N.p.: n.p., n.d. Print. Weiss, Eric. Security Concerns with VOIP. Tech. N.p.: SANS Institute Infosec Reading Room, Print.