Presentation is loading. Please wait.

Presentation is loading. Please wait.

Hacking Exposed: VoIP Mark D. Collier Chief Technology Officer SecureLogix Corporation

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Hacking Exposed: VoIP Mark D. Collier Chief Technology Officer SecureLogix Corporation"— Presentation transcript:

1 Hacking Exposed: VoIP Mark D. Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com

2 Overview Gathering Information:  Footprinting  Scanning  Enumeration Attacking the Network:  Network Infrastructure Denial of Service  Network Eavesdropping  Network and Application Interception Outline

3 Attacking the Application:  Fuzzing  Disruption of Service  Signaling and Media Manipulation Social Attacks:  Voice SPAM/SPIT  Voice Phishing Outline

4 VoIP systems are vulnerable:  Platforms, networks, and applications are vulnerable  VoIP-specific attacks are becoming more common  Security isn ’ t always a consideration during deployment The threat is increasing:  VoIP deployment is growing  Deployments are critical to business operations  Greater integration with the data network  More attack tools being published  The hacking community is taking notice Introduction Introduction

5 This is the process a hacker goes through to gather information about your organization and prepare their attack Consists of:  Footprinting  Scanning  Enumeration Gathering Information

6 Steps taken by a hacker to learn about your enterprise before they start the actual attack Consists of:  Public website research  Google hacking Footprinting Gathering Information Footprinting

7 An enterprise website often contains a lot of information that is useful to a hacker:  Organizational structure and corporate locations  Help and technical support  Job listings  Phone numbers and extensions Public Website Research Introduction Gathering Information Footprinting

8 Public Website Research Job Listings Job listings can contain a ton of information about the enterprise VoIP system. Here is a portion of an actual job listing: Required Technical Skills: Minimum 3-5 years experience in the management and implementation of Avaya telephone systems/voicemails: * Advanced programming knowledge of the Avaya Communication Servers and voicemails. Gathering Information Footprinting

9 Public Website Research Phone Numbers Google can be used to find all phone numbers on an enterprise web site:  Type: “111..999-1000..9999 site:www.mcgraw-hill.com” Gathering Information Footprinting

10 Public Website Research Voice Mail By calling into some of these numbers, you can listen to the voice mail system and determine the vendor Check out our voice mail hacking database at:  www.hackingvoip.com Gathering Information Footprinting

11 Public Website Research Countermeasures It is difficult to control what is on your enterprise website, but it is a good idea to be aware of what is on it Try to limit amount of detail in job postings Remove technical detail from help desk web pages Gathering Information Footprinting

12 Google is incredibly good at finding details on the web:  Vendor press releases and case studies  Resumes of VoIP personnel  Mailing lists and user group postings  Web-based VoIP logins Google Hacking Introduction Gathering Information Footprinting

13 Vendors and enterprises may post press releases and case studies:  Type: “site:avaya.com case study” or “site:avaya.com company” Users place resumes on the Internet when searching for jobs  Search Monster for resumes for company employees Mailing lists and user group postings:  www.inuaa.org  www.innua.org  forums.cisco.com  forums.digium.com Google Hacking Gathering Information Footprinting

14 Use Google to search for:  Type: inrul:”ccmuser/logon.asp”  Type: inurl:”ccmuser/logon.asp” site:example.com  Type: inurl:”NetworkConfiguration” cisco Google Hacking Web-Based VoIP Logins Gathering Information Footprinting

15 Determine what your exposure is Be sure to remove any VoIP phones which are visible to the Internet Disable the web servers on your IP phones There are services that can help you monitor your exposure:  www.cyveilance.com  ww.baytsp.com Google Hacking Countermeasures Gathering Information Footprinting

16 Steps taken by a hacker to identify IP addresses and hosts running VoIP Consists:  Gaining access  Host/device discovery and identification  Port scanning and service discovery Scanning Introduction Gathering Information Scanning

17 Several attack vectors include:  Installing a simple wired hub  Wi-Fi sniffing  Compromising a network node  Compromising a VoIP phone  Compromising a switch  Compromising a proxy, gateway, or PC/softphone  ARP poisoning  Circumventing VLANs Scanning Gaining Access Attacking The Network Gaining Access

18 Consists of various techniques used to find hosts:  Ping sweeps  ARP pings  TCP ping scans  SNMP sweeps After hosts are found, the type of device can be determined Classifies host/device by operating system Network stack fingerprinting is a common technique for identifying hosts/devices Host/Device Discovery and Identification Gathering Information Scanning

19 Host/Device Discovery Using nmap nmap -O -P0 192.168.1.1-254 Starting Nmap 4.01 ( http://www.insecure.org/nmap/ ) at 2006-02-20 01:03 CST Interesting ports on 192.168.1.21: (The 1671 ports scanned but not shown below are in state: filtered) PORT STATE SERVICE 23/tcp open telnet MAC Address: 00:0F:34:11:80:45 (Cisco Systems) Device type: VoIP phone Running: Cisco embedded OS details: Cisco IP phone (POS3-04-3-00, PC030301) Interesting ports on 192.168.1.23: (The 1671 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 80/tcp open http MAC Address: 00:15:62:86:BA:3E (Cisco Systems) Device type: VoIP phone|VoIP adapter Running: Cisco embedded OS details: Cisco VoIP Phone 7905/7912 or ATA 186 Analog Telephone Adapter Interesting ports on 192.168.1.24: (The 1671 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 80/tcp open http MAC Address: 00:0E:08:DA:DA:17 (Sipura Technology) Device type: VoIP adapter Running: Sipura embedded OS details: Sipura SPA-841/1000/2000/3000 POTS VoIP gateway Gathering Information Scanning

20 Host/Device Discovery Ping Sweeps/ARP Pings Gathering Information Scanning

21 Host/Device Discovery SNMP Sweeps Gathering Information Scanning

22 Use firewalls and Intrusion Prevention Systems (IPSs) to block ping and TCP sweeps VLANs can help isolate ARP pings Ping sweeps can be blocked at the perimeter firewall Host/Device Discovery Countermeasures Gathering Information Scanning

23 Consists of various techniques used to find open ports and services on hosts These ports can be targeted later nmap is the most commonly used tool for TCP SYN and UDP scans Port Scanning/Service Discovery Gathering Information Scanning

24 Using non-Internet routable IP addresses will prevent external scans Firewalls and IPSs can detect and possibly block scans VLANs can be used to partition the network to prevent scans from being effective Port Scanning/Service Discovery Countermeasures Gathering Information Scanning

25 Involves testing open ports and services on hosts/devices to gather more information Includes running tools to determine if open services have known vulnerabilities Also involves scanning for VoIP-unique information such as phone numbers Includes gathering information from TFTP servers and SNMP Enumeration Introduction Gathering Information Enumeration

26 Vulnerability Testing Tools Gathering Information Enumeration

27 Vulnerability Testing Tools Gathering Information Enumeration

28 Vulnerability Testing Tools Gathering Information Enumeration

29 Vulnerability Testing Countermeasures Gathering Information Enumeration The best solution is to upgrade your applications and make sure you continually apply patches Some firewalls and IPSs can detect and mitigate vulnerability scans

30 SIP Enumeration Directory Scanning [root@attacker]# nc 192.168.1.104 5060 OPTIONS sip:test@192.168.1.104 SIP/2.0 Via: SIP/2.0/TCP 192.168.1.120;branch=4ivBcVj5ZnPYgb To: alice Content-Length: 0 SIP/2.0 404 Not Found Via: SIP/2.0/TCP 192.168.1.120;branch=4ivBcVj5ZnPYgb;received=192.168.1.103 To: alice sip:test@192.168.1.104>;tag=b27e1a1d33761e85846fc98f5f3a7e58.0503 Server: Sip EXpress router (0.9.6 (i386/linux)) Content-Length: 0 Warning: 392 192.168.1.104:5060 "Noisy feedback tells: pid=29801 req_src_ip=192.168.1.120 req_src_port=32773 in_uri=sip:test@192.168.1.104 out_uri=sip:test@192.168.1.104 via_cnt==1" Gathering Information Enumeration

31 SIP Enumeration Directory Scanning Gathering Information Enumeration

32 TFTP Enumeration Introduction Almost all phones we tested use TFTP to download their configuration files The TFTP server is rarely well protected If you know or can guess the name of a configuration or firmware file, you can download it without even specifying a password The files are downloaded in the clear and can be easily sniffed Configuration files have usernames, passwords, IP addresses, etc. in them Gathering Information Enumeration

33 TFTP Enumeration Using TFTPBRUTE [root@attacker]# perl tftpbrute.pl 192.168.1.103 brutefile.txt 100tftpbrute.pl,, V 0.1 TFTP file word database: brutefile.txt TFTP server 192.168.1.103 Max processes 100 Processes are: 1 Processes are: 12 *** Found TFTP server remote filename : sip.cfg *** Found TFTP server remote filename : 46xxsettings.txt Processes are: 13 Processes are: 14 *** Found TFTP server remote filename : sip_4602D02A.txt *** Found TFTP server remote filename : XMLDefault.cnf.xml *** Found TFTP server remote filename : SipDefault.cnf Gathering Information Enumeration

34 TFTP Enumeration Countermeasures Gathering Information Enumeration It is difficult not to use TFTP, since it is so commonly used by VoIP vendors Some vendors offer more secure alternatives Firewalls can be used to restrict access to TFTP servers to valid devices

35 SNMP Enumeration Introduction SNMP is enabled by default on most IP PBXs and IP phones Simple SNMP sweeps will garner lots of useful information If you know the device type, you can use snmpwalk with the appropriate OID You can find the OID using Solarwinds MIB Default “passwords”, called community strings, are common Gathering Information Enumeration

36 SNMP Enumeration Solarwinds Gathering Information Enumeration

37 SNMP Enumeration snmpwalk [root@domain2 ~]# snmpwalk -c public -v 1 192.168.1.53 1.3.6.1.4.1.6889 SNMPv2-SMI::enterprises.6889.2.69.1.1.1.0 = STRING: "Obsolete" SNMPv2-SMI::enterprises.6889.2.69.1.1.2.0 = STRING: "4620D01B" SNMPv2-SMI::enterprises.6889.2.69.1.1.3.0 = STRING: "AvayaCallserver" SNMPv2-SMI::enterprises.6889.2.69.1.1.4.0 = IpAddress: 192.168.1.103 SNMPv2-SMI::enterprises.6889.2.69.1.1.5.0 = INTEGER: 1719 SNMPv2-SMI::enterprises.6889.2.69.1.1.6.0 = STRING: "051612501065" SNMPv2-SMI::enterprises.6889.2.69.1.1.7.0 = STRING: "700316698" SNMPv2-SMI::enterprises.6889.2.69.1.1.8.0 = STRING: "051611403489" SNMPv2-SMI::enterprises.6889.2.69.1.1.9.0 = STRING: "00:04:0D:50:40:B0" SNMPv2-SMI::enterprises.6889.2.69.1.1.10.0 = STRING: "100" SNMPv2-SMI::enterprises.6889.2.69.1.1.11.0 = IpAddress: 192.168.1.53 SNMPv2-SMI::enterprises.6889.2.69.1.1.12.0 = INTEGER: 0 SNMPv2-SMI::enterprises.6889.2.69.1.1.13.0 = INTEGER: 0 SNMPv2-SMI::enterprises.6889.2.69.1.1.14.0 = INTEGER: 0 SNMPv2-SMI::enterprises.6889.2.69.1.1.15.0 = STRING: "192.168.1.1" SNMPv2-SMI::enterprises.6889.2.69.1.1.16.0 = IpAddress: 192.168.1.1 SNMPv2-SMI::enterprises.6889.2.69.1.1.17.0 = IpAddress: 255.255.255.0... SNMPv2-SMI::enterprises.6889.2.69.1.4.8.0 = INTEGER: 20 SNMPv2-SMI::enterprises.6889.2.69.1.4.9.0 = STRING: "503" Gathering Information Enumeration

38 Disable SNMP on any devices where it is not needed Change default public and private community strings Try to use SNMPv3, which supports authentication SNMP Enumeration Countermeasures Gathering Information Enumeration

39 The VoIP network and supporting infrastructure are vulnerable to attacks Most attacks will originate inside the network, once access is gained Attacks include:  Network infrastructure DoS  Network eavesdropping  Network and application interception Attacking The Network

40 Some techniques for circumventing VLANs:  Without MAC filtering, disconnect a phone and connect a PC  Even if MAC filtering is used, you can easily spoof the MAC  Be especially cautious of VoIP phones in public areas Some other VLAN attacks:  MAC flooding attack  802.1q and ISL tagging attack  Double-encapsulated 802.1q/Nested VLAN attack  Private VLAN attack  Spanning-tree protocol attack/VLAN trunking protocol attack Attacking The Network Gaining Access

41 The VoIP network and supporting infrastructure are vulnerable to attacks VoIP media/audio is particularly susceptible to any DoS attack which introduces latency and jitter Attacks include:  Flooding attacks  Network availability attacks  Supporting infrastructure attacks Network Infrastructure DoS Attacking The Network Network DoS

42 Flooding attacks generate so many packets at a target, that it is overwhelmed and can’t process legitimate requests Flooding Attacks Introduction Attacking The Network Network DoS

43 Some types of floods are:  UDP floods  TCP SYN floods  ICMP and Smurf floods  Worm and virus oversubscription side effect  QoS manipulation  Application flooding Flooding Attacks Types of Floods Attacking The Network Network DoS

44 Layer 2 and 3 QoS mechanisms are commonly used to give priority to VoIP media (and signaling) Use rate limiting in network switches Use anti-DoS/DDoS products Some vendors have DoS support in their products (in newer versions of software) Flooding Attacks Countermeasures Attacking The Network Network DoS

45 This type of attack involves an attacker trying to crash the underlying operating system:  Fuzzing involves sending malformed packets, which exploit a weakness in software  Packet fragmentation  Buffer overflows Network Availability Attacks Attacking The Network Network DoS

46 A network IPS is an inline device that detects and blocks attacks Some firewalls also offer this capability Host based IPS software also provides this capability Network Availability Attacks Countermeasures Attacking The Network Network DoS

47 VoIP systems rely heavily on supporting services such as DHCP, DNS, TFTP, etc. DHCP exhaustion is an example, where a hacker uses up all the IP addresses, denying service to VoIP phones DNS cache poisoning involves tricking a DNS server into using a fake DNS response Supporting Infrastructure Attacks Attacking The Network Network DoS

48 Configure DHCP servers not to lease addresses to unknown MAC addresses DNS servers should be configured to analyze info from non-authoritative servers and dropping any response not related to queries Supporting Infrastructure Attacks Countermeasures Attacking The Network Network DoS

49 VoIP configuration files, signaling, and media are vulnerable to eavesdropping Attacks include:  TFTP configuration file sniffing (already discussed)  Number harvesting and call pattern tracking  Conversation eavesdropping Network Eavesdropping Introduction Attacking The Network Eavesdropping

50 By sniffing signaling, it is possible to build a directory of numbers and track calling patterns voipong automates the process of logging all calls Wireshark is very good at sniffing VoIP signaling Numbers/Call Patterns Attacking The Network Eavesdropping

51 Conversation Recording Wireshark Attacking The Network Eavesdropping

52 Conversation Recording Wireshark

53 Attacking The Network Eavesdropping Conversation Recording Cain And Abel

54 Other tools include:  vomit  Voipong  voipcrack (not public)  DTMF decoder Conversation Recording Other Tools Attacking The Network Eavesdropping

55 Use encryption:  Many vendors offer encryption for signaling  Use the Transport Layer Security (TLS) for signaling  Many vendors offer encryption for media  Use Secure Real-time Transport Protocol (SRTP)  Use ZRTP  Use proprietary encryption if you have to Network Eavesdropping Countermeasures Attacking The Network Eavesdropping

56 The VoIP network is vulnerable to Man-In-The-Middle (MITM) attacks, allowing:  Eavesdropping on the conversation  Causing a DoS condition  Altering the conversation by omitting, replaying, or inserting media  Redirecting calls Attacks include:  Network-level interception  Application-level interception Network/Application Interception Introduction Attacking The Network Net/App Interception

57 The most common network-level MITM attack is ARP poisoning Involves tricking a host into thinking the MAC address of the attacker is the intended address There are a number of tools available to support ARP poisoning:  Cain and Abel  ettercap  Dsniff  hunt Network Interception ARP Poisoning Attacking The Network Net/App Interception

58 Network Interception ARP Poisoning Attacking The Network Net/App Interception

59 Network Interception ARP Poisoning Attacking The Network Net/App Interception

60 Network Interception Countermeasures Attacking The Network Net/App Interception Some countermeasures for ARP poisoning are:  Static OS mappings  Switch port security  Proper use of VLANs  Signaling encryption/authentication  ARP poisoning detection tools, such as arpwatch

61 VoIP systems are vulnerable to application attacks against the various VoIP protocols Attacks include:  Fuzzing attacks  Flood-based DoS  Signaling and media manipulation Attacking The Application

62 Fuzzing describes attacks where malformed packets are sent to a VoIP system in an attempt to crash it Research has shown that VoIP systems, especially those employing SIP, are vulnerable to fuzzing attacks Fuzzing Introduction Attacking The Application Fuzzing

63 INVITE sip:6713@192.168.26.180:6060;user=phone SIP/2.0 Via: SIP/2.0/UDP 192.168.22.36:6060 From: UserAgent To: 6713 Call-ID: 96561418925909@192.168.22.36 Cseq: 1 INVITE Subject: VovidaINVITE Contact: Content-Type: application/sdp Content-Length: 168 Attacking The Application Fuzzing Fuzzing Example

64 INVITE sip:6713@192.168.26.180:6060;user=phone SIP/2.0 Via: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaa… From: UserAgent To: 6713 Call-ID: 96561418925909@192.168.22.36 Cseq: 1 INVITE Subject: VovidaINVITE Contact: Content-Type: application/sdp Content-Length: 168 Attacking The Application Fuzzing Fuzzing Example

65 There are many public domain tools available for fuzzing:  Protos suite  Asteroid  Fuzzy Packet  NastySIP  Scapy Fuzzing Public Domain Tools Attacking The Application Fuzzing  SipBomber  SFTF  SIP Proxy  SIPp  SIPsak

66 There are some commercial tools available:  Beyond Security BeStorm  Codenomicon  MuSecurity Mu-4000 Security Analyzer  Security Innovation Hydra  Sipera Systems LAVA tools Fuzzing Commercial Tools Attacking The Application Fuzzing

67 Make sure your vendor has tested their systems for fuzzing attacks Consider running your own tests An VoIP-aware IPS can monitor for and block fuzzing attacks Fuzzing Countermeasures Attacking The Application Fuzzing

68 Several tools are available to generate floods at the application layer:  rtpflood – generates a flood of RTP packets  inviteflood – generates a flood of SIP INVITE packets  SiVuS – a tool which a GUI that enables a variety of flood- based attacks Virtually every device we tested was susceptible to these attacks Attacking The Application Flood-Based DoS Flood-Based DoS

69 There are several countermeasures you can use for flood- based DoS:  Use VLANs to separate networks  Use TCP and TLS for SIP connections  Use rate limiting in switches  Enable authentication for requests  Use SIP firewalls/IPSs to monitor and block attacks Flood-Based DoS Countermeasures Attacking The Application Flood-Based DoS

70 In SIP and RTP, there are a number of attacks possible, which exploit the protocol:  Registration manipulation  Redirection attacks  Session teardown  SIP phone reboot  RTP insertion/mixing Attacking The Application Sig/Media Manipulation Signaling/Media Manipulation Introduction

71 Proxy User Proxy Attacker Hijacked Media Hijacked Session User Registration Manipulation Attacking The Application Sig/Media Manipulation

72 Inbound Calls Are Redirected Attacker Proxy User Attacker Sends “301/302 – Moved” Message User Redirection Attacks Attacking The Application Sig/Media Manipulation

73 Attacker Sends BYE Messages To UAs Attacker Proxy User Session Teardown Attacking The Application Sig/Media Manipulation

74 Attacker Sends check-sync Messages To UA Attacker Proxy User IP Phone Reboot Attacking The Application Sig/Media Manipulation

75 Attacker Sees Packets And Inserts/Mixes In New Audio Attacker Proxy User Audio Insertion/Mixing Attacking The Application Sig/Media Manipulation

76 Some countermeasures for signaling and media manipulation include:  Use digest authentication where possible  Use TCP and TLS where possible  Use SIP-aware firewalls/IPSs to monitor for and block attacks  Use audio encryption to prevent RTP injection/mixing Attacking The Application Sig/Media Manipulation Signaling/Media Manipulation Countermeasures

77 There are a couple of evolving social threats that will affect enterprises:  Voice SPAM or SPAM over Internet Telephony (SPIT)  Voice phishing Social Attacks

78 Voice SPAM refers to bulk, automatically generated, unsolicited phone calls Similar to telemarketing, but occurring at the frequency of email SPAM Not an issue yet, but will become prevalent when:  The network makes it very inexpensive or free to generate calls  Attackers have access to VoIP networks that allow generation of a large number of calls It is easy to set up a voice SPAM operation, using Asterisk, tools like “spitter”, and free VoIP access Voice SPAM Introduction Social Attacks Voice SPAM

79 Voice SPAM has the potential to be very disruptive because:  Voice calls tend to interrupt a user more than email  Calls arrive in realtime and the content can’t be analyzed to determine it is voice SPAM  Even calls saved to voice mail must be converted from audio to text, which is an imperfect process  There isn’t any capability in the protocols that looks like it will address Voice SPAM Voice SPAM Social Attacks Voice SPAM

80 Some potential countermeasures for voice SPAM are:  Authenticated identity movements, which may help to identify callers  Legal measures Enterprise voice SPAM filters:  Black lists/white lists  Approval systems  Audio content filtering  Turing tests Voice SPAM Countermeasures Social Attacks Voice SPAM

81 VoIP Phishing Introduction Similar to email phishing, but with a phone number delivered though email or voice When the victim dials the number, the recording requests entry of personal information The hacker comes back later and retrieves the touch tones or other information Social Attacks Phishing

82 VoIP Phishing Example “Hi, this is Bob from Bank of America calling. Sorry I missed you. If you could give us a call back at 1-866-555-1324 we have an urgent issue to discuss with you about your bank account.” Hello. This is Bank of America. So we may best serve you, please enter your account number followed by your PIN. Social Attacks Phishing

83 VoIP Phishing Example Social Attacks Phishing

84 VoIP Phishing Countermeasures Traditional email spam/phishing countermeasures come in to play here. Educating users is a key Social Attacks Phishing

85 Final Thoughts VoIP systems can be secured, but are often installed in a non-secure way A VoIP security assessment/audit is a great way to identify issues and countermeasures Don’t forget about legacy systems. Issues still exist and VoIP can make some worse Social Attacks Phishing

Download ppt "Hacking Exposed: VoIP Mark D. Collier Chief Technology Officer SecureLogix Corporation"

Similar presentations

Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.

Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.
Voice Security Interop 2009 Mark D. Collier SecureLogix Corporation

Voice Security Interop 2009 Mark D. Collier SecureLogix Corporation
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
FIREWALLS Chapter 11.

FIREWALLS Chapter 11.
1 © 2004, Cisco Systems, Inc. All rights reserved IP Telephony Security Cisco Systems.

1 © 2004, Cisco Systems, Inc. All rights reserved IP Telephony Security Cisco Systems.
Voice over IP and IP telephony Network convergence – Telephone and IT – PoE (Power over Ethernet) Mobility and Roaming Telco – Switched -> Packet (IP)

Voice over IP and IP telephony Network convergence – Telephone and IT – PoE (Power over Ethernet) Mobility and Roaming Telco – Switched -> Packet (IP)
Web Defacement Anh Nguyen May 6 th, 2010. Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.

Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
Web Server Administration TEC 236 Securing the Web Environment.

Web Server Administration TEC 236 Securing the Web Environment.
Securing Unified Communications Mor Hezi VP Unified Communications AudioCodes.

Securing Unified Communications Mor Hezi VP Unified Communications AudioCodes.
September 19, 2006speermint interim1 VoIP Threats and Attacks Alan Johnston.

September 19, 2006speermint interim1 VoIP Threats and Attacks Alan Johnston.
Network and VoIP Security – More Important Than Ever Mark D. Collier Chief Technology Officer SecureLogix Corporation

Network and VoIP Security – More Important Than Ever Mark D. Collier Chief Technology Officer SecureLogix Corporation
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Hacking Exposed: VoIP Mark D. Collier Chief Technology Officer

Hacking Exposed: VoIP Mark D. Collier Chief Technology Officer
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
COEN 252: Computer Forensics Router Investigation.

COEN 252: Computer Forensics Router Investigation.
Deployment of the VoIP Servers BY: Syed khaja Najmuddin Ahmed Anil Kumar Marikukala.

Deployment of the VoIP Servers BY: Syed khaja Najmuddin Ahmed Anil Kumar Marikukala.
HackerHalted VoIP Security Uncovered Mark D. Collier Chief Technology Officer SecureLogix Corporation

HackerHalted VoIP Security Uncovered Mark D. Collier Chief Technology Officer SecureLogix Corporation

Similar presentations

Ads by Google