Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright Security-Assessment.com 2005 Voice over IP What You Don’t Know Can Hurt You by Darren Bilby.

Published byErin Horn Modified over 9 years ago

Similar presentations

Presentation on theme: "Copyright Security-Assessment.com 2005 Voice over IP What You Don’t Know Can Hurt You by Darren Bilby."— Presentation transcript:

1 Copyright Security-Assessment.com 2005 Voice over IP What You Don’t Know Can Hurt You by Darren Bilby

2 Copyright Security-Assessment.com 2005 What is VoIP? Voice over Internet Protocol “A method for taking analog audio signals, like the kind you hear when you talk on the phone, and turning them into digital data that can be transmitted over the Internet. “ Also known as: – Voice over Packet (VoP) – IP Telephony (IPT)

3 Copyright Security-Assessment.com 2005 VoIP Trends VOIP becoming more popular and will increase in future Many ISPs and Telco’s starting to offer VoIP services Like most other phone calls, it is presumed to be confidential Designed by telephone people with trusted networks in mind

4 Copyright Security-Assessment.com 2005 Different Types of VoIP There are many different implementations of VoIP: – MSN – Firefly – Skype – Office Phone Replacements – Push to Talk – Ihug Connect – Slingshot iTalk Different technologies, but most of these do not have security built-in.

5 Copyright Security-Assessment.com 2005 Components of a VoIP Implementation Client Voice Gateway Support Servers – Voicemail, Proxies, Management Servers

6 Copyright Security-Assessment.com 2005 VoIP Clients Hard Phone Soft Phone Analog Telephone Adaptor (ATA)

7 Copyright Security-Assessment.com 2005 Protocols and Acronyms

8 Copyright Security-Assessment.com 2005 Protocols and Acronyms Signaling Protocol – Create, modify, and terminate sessions with participants – Conferences – Proxies – Authentication Transport Protocol – Actually sends the data

9 Copyright Security-Assessment.com 2005 Protocols and Acronyms ITU H.323 – One of the earliest sets of VoIP standards – Handles voice, video, and data conferencing – Some limitations, but most VoIP traffic utilises this today Session Initiation Protocol (SIP) – Signaling protocol – RFC 3261 – Currently most favored protocol for new systems Realtime Transport Protocol (RTP/RTCP) – Used for media transfer by other protocols – Fast, scaleable and efficient – RTCP manages the call – RTP is the voice data

10 Copyright Security-Assessment.com 2005 Protocols and Acronyms SCCP (Skinny) – Cisco signaling and control protocol – Open standard IAX/IAX2 – Signaling and control protocol – Designed by Asterisk open source project – Handles NAT and Firewalls cleanly MGCP (Media Gateway Control Protocol) – Signaling and control protocol – Reduce traffic between gateways

11 Copyright Security-Assessment.com 2005 Why is VoIP Security a Problem? Pranks Eavesdropping and Recording Phone Calls Track Calls Stealing Confidential Information Modifying Phone Calls Making Free Phone Calls Board Room Bugging Sending Spam

12 Copyright Security-Assessment.com 2005 VoIP Security Scenarios

13 Copyright Security-Assessment.com 2005 Scenario 1 – Industrial Information Gathering Employee uses the VOIP network to listen to the managing director’s phone calls Gains access to personal details Forwards information about business deals to competitors

14 Copyright Security-Assessment.com 2005 Demo Cain – http://www.oxid.it/ Voice over Misconfigured IP Telephony (Vomit) – http://vomit.xtdnet.nl/

15 Copyright Security-Assessment.com 2005 Scenario 2 – The Fraud Employee uses ARP redirection in a large office to record all voice conversations Leaves it recording and logging for a week Then uses DTMF decoder to get access to other employees bank details, voice mailboxes etc Phone banking Voice Mail

16 Copyright Security-Assessment.com 2005 Scenario 3 – The Industrial Spy Evil Russian hacker is hired by a competitor to gain knowledge of business strategies. Hacker sends secretary a link to FunnyGame.exe, pretending to be an associate. Hacker sets boardroom IP phone in speakerphone mode, and calls a phone he controls thus recording boardroom meetings.

17 Copyright Security-Assessment.com 2005 Scenario 4 – Hacking Phones with IE Phones are standard IP devices – HTTP, Telnet, SNMP There are vulnerabilities in these devices Password security Hacker scans the Internet looking for vulnerable phones Hacker then uses the phones to call 0900 numbers which she gets paid for

18 Copyright Security-Assessment.com 2005 Demo

19 Copyright Security-Assessment.com 2005 Okay… So How Do We Secure It? Secure the Devices Network Segregation Encrypt the Traffic Intrusion Detection

20 Copyright Security-Assessment.com 2005 Secure the Devices

21 Copyright Security-Assessment.com 2005 Secure the Devices Don’t expose anything to the Internet that doesn’t need to be! Patch and secure VoIP servers Patch phones Train your telephony staff in security practice This is a really bad idea!

22 Copyright Security-Assessment.com 2005 Network Segregation

23 Copyright Security-Assessment.com 2005 Network Segregation Problem: Malicious devices can sniff voice traffic ↓ Use switches ↓ Hacker can use ARP redirection or MAC overflow to turn switch into HUB ↓ Use separate Voice and Data VLANS – Management overhead ↓ Put a HUB in the phone ↓ Now we can’t VLAN ↓ Make phone smarter, teach it about VLAN’s ↓ Hacker can now attack any VLAN from his phone port. But safe from remote attackers

24 Copyright Security-Assessment.com 2005 Network Segregation

25 Copyright Security-Assessment.com 2005 Network Segregation Try to stop malicious connections to your network – Disable switch ports not in use – Restrict access to switch by MAC address – Implement Sticky MAC All have management overhead and are not really secure

26 Copyright Security-Assessment.com 2005 Network Segregation Firewalls, Routers and Smart Switches Use Voice VLAN Only allow the required traffic from one interface to another Reduce DoS risk Integrated solutions eg Cisco

27 Copyright Security-Assessment.com 2005 Encrypt the Traffic

28 Copyright Security-Assessment.com 2005 Encrypt the Traffic Wrap an insecure protocol in a secure one – IPSEC – Other VPN Use a secure protocol – Secure Call Setup eg SIP TLS – SRTP – Cisco designed protocol for encrypting RTP traffic

29 Copyright Security-Assessment.com 2005 SRTP - Secure Real-time Transport Protocol RTP/RTCP extension End to End Designed by Cisco IETF RFC 3711 Adds – Confidentiality (AES128) – Message authentication (HMAC-SHA1) – Replay protection Doesn’t effect compression or QoS Scales well

30 Copyright Security-Assessment.com 2005 Encryption Requires Authentication SRTP Does not define authentication – Pre Shared Keys – Custom SIP headers – MIKEY (Multimedia Internet KEYing) – Certificates preloaded on phones

31 Copyright Security-Assessment.com 2005 SRTP – Can I Use It? Currently known support by Sipura, Zultys, Avaya and Cisco Cisco support on Call Manager 4.0 Currently only high end phones 7940, 7960 and 7970

32 Copyright Security-Assessment.com 2005 Intrusion Detection

33 Copyright Security-Assessment.com 2005 Intrusion Detection Benefits of VLAN – IDS monitoring can be accurate – Very limited traffic on the network ARP Inspection at a minimum

34 Copyright Security-Assessment.com 2005 Securing VoIP Summary Secure Phones and Management Devices Segregate your network using VLANs and firewalls Only buy devices that support SRTP and push your vendors for support Use Intrusion Detection where possible Consider VoIP security overhead before deciding

35 Copyright Security-Assessment.com 2005 Other VoIP Issues

36 Copyright Security-Assessment.com 2005 Other VoIP Issues - Caller ID Spoofing CID is often used for authentication – Voicemail systems Makes social engineering a lot easier But, high barrier to entry: – Access to direct connection with Telco eg E1 – Access to misconfigured VoIP provider Multiple companies are now offering caller ID spoofing: - CovertCall- PI Phone - Star38- Us Tracers - Camophone- Telespoof

37 Copyright Security-Assessment.com 2005 Skype

38 Copyright Security-Assessment.com 2005 Other VoIP Issues - Skype Proprietary VOIP system for calls over the Internet Free and simple to use Developed by the creators of KaZaA NAT and Firewall traversal File transfer

39 Copyright Security-Assessment.com 2005 Other VoIP Issues - Skype Ref: "An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol“ Salman A. Baset and Henning Schulzrinne

40 Copyright Security-Assessment.com 2005 Skype Security Concerns Claims AES 128bit encryption - unverifiable Skype may have the ability to decrypt all voice traffic Same developers as KaZaA, known for spyware Cannot stop client becoming a Supernode Client allows file transfer, even through firewalls, an access path for malicious code, information leakage Client can update itself automatically

41 Copyright Security-Assessment.com 2005 Good Sites For Learning More Some good links for learning more about VoIP – Voip-Info.org http://www.voip-info.org – VoP Security http://www.vopsecurity.org – Cain and Abelhttp://www.oxid.it – Vomit http://vomit.xtdnet.nl/

Download ppt "Copyright Security-Assessment.com 2005 Voice over IP What You Don’t Know Can Hurt You by Darren Bilby."

Similar presentations

Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.

Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.
Addressing Security Issues IT Expo East 2011. Addressing Security Issues Unified Communications SIP Communications in a UC Environment.

Addressing Security Issues IT Expo East Addressing Security Issues Unified Communications SIP Communications in a UC Environment.
Secure Mobile IP Communication

Secure Mobile IP Communication
CANTO – 2006 Information Security and Voice over IP (VoIP) Robert Potvin, CISSP VP - Strategic Consulting June 21st, 2006.

CANTO – 2006 Information Security and Voice over IP (VoIP) Robert Potvin, CISSP VP - Strategic Consulting June 21st, 2006.
BAI613 Module 2 - Voice over IP Technology. Module Objectives 1. Describe the benefits of IP Telephony/Packet Telephony/VoIP over traditional telephone.

BAI613 Module 2 - Voice over IP Technology. Module Objectives 1. Describe the benefits of IP Telephony/Packet Telephony/VoIP over traditional telephone.
Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.

Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.
Voice over IP Fundamentals

Voice over IP Fundamentals
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
Nicolas FISCHBACH Senior Manager, IP Engineering/Security - COLT Telecom - version 1.0 Voice over IP (VoIP)

Nicolas FISCHBACH Senior Manager, IP Engineering/Security - COLT Telecom - version 1.0 Voice over IP (VoIP)
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
1 Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture Conference ICS – Wireless Group Meeting Tempe, Arizona.

1 Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture Conference ICS – Wireless Group Meeting Tempe, Arizona.
SIP Security & the Future of VoIP Nate Klingenstein APAN 26 Queenstown August 5, 2008 ~ndk/apanSIP.pdf.

SIP Security & the Future of VoIP Nate Klingenstein APAN 26 Queenstown August 5, ~ndk/apanSIP.pdf.
1 © 2004, Cisco Systems, Inc. All rights reserved IP Telephony Security Cisco Systems.

1 © 2004, Cisco Systems, Inc. All rights reserved IP Telephony Security Cisco Systems.
Voice over IP and IP telephony Network convergence – Telephone and IT – PoE (Power over Ethernet) Mobility and Roaming Telco – Switched -> Packet (IP)

Voice over IP and IP telephony Network convergence – Telephone and IT – PoE (Power over Ethernet) Mobility and Roaming Telco – Switched -> Packet (IP)
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:

Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
Introducing VoIP Networks Chapter 01 Components of a VoIP Network.

Introducing VoIP Networks Chapter 01 Components of a VoIP Network.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Voice over Internet Protocol (VoIP) Training and Development.

Voice over Internet Protocol (VoIP) Training and Development.

Similar presentations

Ads by Google