Voice over IP and IP telephony Network convergence – Telephone and IT – PoE (Power over Ethernet) Mobility and Roaming Telco – Switched -> Packet (IP)

Slides:

Advertisements

Similar presentations

The leader in session border control for trusted, first class interactive communications.

Advertisements

SIP, Firewalls and NATs Oh My!. SIP Summit SIP, Firewalls and NATs, Oh My! Getting SIP Through Firewalls Firewalls Typically.

Fall VoN 2000 SIP Servers SIP Servers: A Buyers Guide Jonathan Rosenberg Chief Scientist.

Voice Security Interop 2009 Mark D. Collier SecureLogix Corporation

1 IP Telephony (VoIP) CSI4118 Fall Introduction (1) A recent application of Internet technology – Voice over IP (VoIP): Transmission of voice.

Johan Garcia Karlstads Universitet Datavetenskap 1 Datakommunikation II Signaling/Voice over IP / SIP Based on material from Henning Schulzrinne, Columbia.

VoIPhreaking How to make free phone calls and influence people by the grugq.

CANTO – 2006 Information Security and Voice over IP (VoIP) Robert Potvin, CISSP VP - Strategic Consulting June 21st, 2006.

July 20, 2000H.323/SIP1 Interworking Between SIP/SDP and H.323 Agenda Compare SIP/H.323 Problems in interworking Possible solutions Conclusion Q/A Kundan.

Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.

Voice over IP Fundamentals

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Nicolas FISCHBACH Senior Manager, IP Engineering/Security - COLT Telecom - version 1.0 Voice over IP (VoIP)

SIP and IMS Enabled Residential Gateway Sergio Romero Telefónica I+D Jan Önnegren Ericsson AB Alex De Smedt Thomson Telecom.

January 23-26, 2007 Ft. Lauderdale, Florida An introduction to SIP Simon Millard Professional Services Manager Aculab.

1 Kommunikatsiooniteenuste arendus IRT0080 Loeng 5 Avo Ots telekommunikatsiooni õppetool, TTÜ raadio- ja sidetehnika inst.

1 © 2004, Cisco Systems, Inc. All rights reserved IP Telephony Security Cisco Systems.

SIP Chapter 5. SIP History 1980s – first packet multimedia experiments 1992 – first IETF audio-cast 1996 – first SIP related IETF drafts Session Invitation.

1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.

September 19, 2006speermint interim1 VoIP Threats and Attacks Alan Johnston.

1 ITEC 809 Securing SIP in VoIP Domain Iyad Alsmairat Supervisor: Dr. Rajan Shankaran.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

Session Initiation Protocol (SIP) By: Zhixin Chen.

SIP Security Matt Hsu.

CSc 461/561 CSc 461/561 Multimedia Systems Part C: 2. SIP.

SIP vs H323 Over Wireless networks Presented by Srikar Reddy Yeruva Instructor Chin Chin Chang.

SIP, Session Initiation Protocol Internet Draft, IETF, RFC 2543.

Internet Telephony Helen J. Wang Network Reading Group, Jan 27, 99 Acknowledgement: Jimmy, Bhaskar.

Presented by: Shivanagouda Biradar Yousof Pakzad This presentation is submitted to Prof. El Saddik in partial fulfillment of the requirements for the course.

5/3/2006 tlpham VOIP/Security 1 Voice Over IP and Security By Thao L. Pham CS 525.

Secure Telephony Enabled Middle-box (STEM) Maggie Nguyen Dr. Mark Stamp SJSU - CS 265 Spring 2003 STEM is proposed as a solution to network vulnerabilities,

SIP Greg Nelson Duc Pham. SIP Introduction Application-layer (signaling) control protocol for initiating a session among users Application-layer (signaling)

VoIP Security Sanjay Kalra Juniper Networks September 10-12, 2007 Los Angeles Convention Center Los Angeles, California 3 VoIP Issues.

IT Expo SECURITY Scott Beer Director, Product Support Ingate

Session Initiation Protocol (SIP). Features of SIP SIP is a lightweight, transport-independent, text-based protocol. SIP has the following features: SIP.

Ingate & Dialogic Technical Presentation SIP Trunking Focused.

SIP? NAT? NOT! Traversing the Firewall for SIP Call Completion Steven Johnson President, Ingate Systems Inc.

3. VoIP Concepts.

Session Initiation Protocol Team Members: Manjiri Ayyar Pallavi Murudkar Sriusha Kottalanka Vamsi Ambati Girish Satya LeeAnn Tam.

Towards a Scalable and Secure VoIP Infrastructure Towards a Scalable and Secure VoIP Infrastructure Lab for Advanced Networking Systems Director: David.

1 A high grade secure VoIP using the TEA Encryption Algorithm By Ashraf D. Elbayoumy 2005 International Symposium on Advanced Radio Technologies Boulder,

1 TAC2000/ LABORATORY 117 Outline of the Hands-on Tutorial  SIP User-Agent Register Register Make calls Make calls  Fault-Finding Tools Observe.

SIP Security BY, Vivek Nemarugommula. vulnerabilities Registration Hijacking.

H.323 An International Telecommunications Union (ITU) standard. Architecture consisting of several protocols oG.711: Encoding and decoding of speech (other.

Presented By Team Netgeeks SIP Session Initiation Protocol.

1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.

Remote Connectivity and VoIP Hacking

Voice over IP by Rahul varikuti course instructor: Vicky Hsu.

Chapter 9 Networking & Distributed Security. csci5233 computer security & integrity (Chap. 9) 2 Outline Overview of Networking Threats Wiretapping, impersonation,

Simon Millard Professional Services Manager Aculab – booth 402 The State of SIP.

Security, NATs and Firewalls Ingate Systems. Basics of SIP Security.

Voice over IP B 林與絜.

VoIP Signaling Protocols A signaling protocol is a common language spoken by telephones and call-management servers, the PSTN, and legacy PBX systems as.

Session Initiation Protocol (SIP) Chapter 5 speaker ： Wenping Zhang data ：

MWIF Confidential MWIF-Arch Security Task Force Task 5: Security for Signaling July 11, 2001 Baba, Shinichi Ready for MWIF Kansas.

CSE5803 Advanced Internet Protocols and Applications (14) Introduction Developed in recent years, for low cost phone calls (long distance in particular).

Chapter 6 Remote Connectivity and VoIP Hacking Last modified

Voice Over Internet Protocol (VoIP) Copyright © 2006 Heathkit Company, Inc. All Rights Reserved Presentation 5 – VoIP and the OSI Model.

1 Internet Telephony: Architecture and Protocols an IETF Perspective Authors:Henning Schulzrinne, Jonathan Rosenberg. Presenter: Sambhrama Mundkur.

The Session Initiation Protocol - SIP

Analysis of SIP security Ashwini Sanap ( ) Deepti Agashe ( )

Postech DP&NM Lab Session Initiation Protocol (SIP) Date: Seongcheol Hong DP&NM Lab., Dept. of CSE, POSTECH Date: Seongcheol.

1Security for Service Providers – Dave Gladwin – Newport Networks – SIP ’04 – 22-Jan-04 Security for Service Providers Protecting Service Infrastructure.

IP Telephony (VoIP).

Protocols and the TCP/IP Suite Overview and Discussion

Net 431: ADVANCED COMPUTER NETWORKS

Remote Connectivity and VoIP Hacking

SIP Basics Workshop Dennis Baron July 20, 2005.

網際網路電話系統期中考重點整理.

Presentation transcript:

Voice over IP and IP telephony Network convergence – Telephone and IT – PoE (Power over Ethernet) Mobility and Roaming Telco – Switched -> Packet (IP) – Closed world -> Open world Security and privacy – IPhreakers – VoIP vs 3G

Signaling – User location – Session Setup Negotiation Modification Closing Transport – Encoding, transport, etc.

SIP – IETF /5061 (TLS) - “HTTP-like, all in one” – Proprietary extensions – Protocol becoming an architecture – “End-to-end” (between IP PBX) Inter-AS MPLS VPNs Transitive trust – IM extensions (SIMPLE) H.323 – Protocol family – H.235 (security), Q.931+H.245 (management), RTP, CODECs, etc. – ASN.1

RTP (Real Time Protocol) – 5004/udp – RTCP – No QoS/bandwidth management – Packet reordering – CODECs old: G.711 (PSTN/POTS - 64Kb/s) current: G.729 (8Kb/s)

Systems – SIP Proxy – Call Manager/IP PBX User management and reporting (HTTP, etc) – H.323: GK (GateKeeper) – Authentication server (Radius) – Billing servers (CDR/billing) – DNS, TFTP, DHCP servers

Voice Gateway (IP-PSTN) – Gateway Control Protocols – Signaling: SS7 interface Media Gateway Controller – Controls the MG (Megaco/H.248) – SIP interface Signaling Gateway – Interface between MGC and SS7 – SCTP - ISUP, Q.931 – Transport Media Gateway: audio conversion

Firewall – “Non-stateful” filtering – “Stateful” filtering – Application layer filtering (ALGs) – NAT / “firewall piercing” (H.323 : 2xTCP, 4x dynamic UDP ,1720) (SIP : 5060/udp) Encrypted VPN – SSL/TLS – IPsec – Where to encrypt (LAN-LAN, phone-phone, etc)?

Denial of Service – ICMP Flood – IP Spoofing – Port Scans – Land Attack – IP Source Route Evasdropping or recording – In VOIP eavesdropping is a type of an attack, if an attacker able to eavesdropp a communication. Then he can launch different type of an attack like Man in the Middle attack etc. Call Hijacking and Spoofing Call Redirection Voice SPAM (Vishing, Mailbox Stuffing, Unsolicited Calling) Voic Hacking

Signaling Layer Attacks – SIP Registration Hijacking – Impersonating a Server – SIP Message Modification – SIP Cancel / SIP BYE attack – SIP DOS attack Media Layer Attacks – Eavesdropping – RTP insertion attack SSRC collision attacks

SIP Registration attack Attacker impersonates a valid UA to a registrar himself as a valid user agent. So attacker can recieve calls for a legitmate user. Impersonating a Server When an attacker impersonates a remote server and user agent request are served by the attacker machine. SIP Message Modification If an attacker launches a man in the middle attack and modify a message. Then attacker could lead the caller to connect to malicious system. SIP CANCEL / SIP BYE SIP Denial of Service In SIP attacker creates a bogus request that contained a fake IP address and Via field in the SIP header contains the identity of the target host.

Eavesdropping SSRC collision If an attacker eavesdropp the conversation and uses one’s peer SSRC to send RTP packet to other peer, it causes to terminate a session.

Two types of security solutions End-to-End security In SIP end points can ensure end-to-end security to those messages which proxy does not read, like SDP messages could be protectedusing S/MIME. Media is transferred directly, so end-to-end security is achieved by SRTP. Hop-by-hop security TLS, IPSec TLS provide transport layer security over TCP. Normally SIP URI is in the form of but if we are using TLS then SIP URI will be and signaling must be send encrypted.

Authentication means to identify a person. If we take SIP as signaling protocol in VOIP, it defines two mechanisms for authentication HTTP digest authentication S/MIME HTTP Digest Authentication HTTP digests mechanisms used between users to proxies, users to users but not between proxies to proxies. S/MIME S/MIME uses X.509 certificates to authenticate end users in the same way that web browsers use them.

In VOIP media is send directly between users using RTP. Encryption of media is achieved by – IPSec – Secure RTP (SRTP) It provides a framework for encryption and message authentication of RTP and RTCP. Cipher Algorithum: AES Authenitcation is an optional feature. SRTP uses Security Description for Media Streams (SDES) algorithum to negotiate session keys in SDP. – MIKKEY Mikkey provides its own authentication and integrity mechanisim. Mikkey messages carried in a SDP with a=key-mgmt attritbute.

SIPScan - enumerate SIP interfaces TFTPBrute - TFTP directory attacking UDP and RTP Flooder - DoS tools hping2 – TCP session flooding Registration Hijacker - tool to take over H.323 session SIVUS - SIP authentication and registration auditor Vomit - RTP Playback VOIP HOPPER – IP Phone mimicing tool Dsniff - various utilitarian tools (macof and arpspoof) Wireshark (Ethereal) / tcpdump - packet capture and protocol analysis