Presentation is loading. Please wait.

Presentation is loading. Please wait.

By: Christopher Henderson.  What is VoIP?  How is it being used?  VoIP’s main Security Threats.  Availability of Service  Integrity of Service 

Published byMiranda Allison Modified over 9 years ago

Similar presentations

Presentation on theme: "By: Christopher Henderson.  What is VoIP?  How is it being used?  VoIP’s main Security Threats.  Availability of Service  Integrity of Service "— Presentation transcript:

1 By: Christopher Henderson

2  What is VoIP?  How is it being used?  VoIP’s main Security Threats.  Availability of Service  Integrity of Service  Eavesdropping  Securing VoIP and The 5 Simple Steps.  Questions and Comments.

3  VoIP stands for Voice-over IP  VoIP “is the routing of voice conversations over the Internet or through any other IP-based network.” (Wikipedia)  Implemented over WLAN using soft phones.  At its core VoIP is a Data Network.

4  Many companies are starting to adopt VoIP services because of the reduced cost – no telephone system needed.  Services such as T-Mobile’s Hotspots. Wireless Phones using VoIP from WLAN access points – allows use of phone without using minutes.  Computer services such as Skype allow free Internet Phone Calls across the world using VoIP.

5 With VoIP being essentially a data network many of the security threats for the service are classic network security threats that have been modified to take advantage of the VoIP specific applications and protocols.  Availability of Service  Integrity of Service  Eavesdropping

6  VoIP requires a high Quality of Service (QoS).  Basic Denial of Service (DoS) attacks can cripple a VoIP service.  DoS attacks can be centered around VoIP protocols or applications. A simple attack consists of an attacker setting multiple phones to forward a single request message until all the phones system resources are used.

7

8  VoIP requires a secure connection between users.  VoIP protocols (SIP and RTP) have weak end- to-end user authentication.  Attackers can exploit this by hacking guest or user accounts. Using these hacked accounts, attackers can commit ‘toll fraud’ by placing a call on the account’s expense and ‘identity fraud’ by using the account’s phone number impersonating that user.

9  Eavesdropping consists of two steps:  Intercepting protocol (SIP or RTP) packets  Translation into plain speech  Protocol packets can easily be intercepted with a packet sniffer.  VoIP protocols does not have encryption. Thus allowing easy translation into real speech.

10

11 Since VoIP is essentially a data network many of the easiest ways of securing the service include securing the network, just aimed specifically at VoIP. John Edwards outlined 5 simple steps in his article “Secure Your Wireless VoIP System”

12 1. Look for equipment that uses newer wireless security standards. Wi-Fi Protected Access (WPA), WPA2, and IEEE 802.11i have met many powerful security benchmarks. 2. WPA, WPA2, and 802.11i have authentication and encryption built in. WPA2 and 802.11i support the Advanced Encryption Standard (AES). 3. Use Multilevel Protection Embed. Have a hand set encrypt audio while 802.11i authenticates and encrypts wireless connections. 4. Use a VoIP firewall. 5. Train employees how to use VoIP technologies, and the security threats.

13

14 Edwards, John. “A Guide to Understanding the VoIP Security Threat.” VoIP- News. February 14, 2007. Tippit, Inc. December 1, 2007. http://www.voip-news.com/feature/voip-security-threat-021407/ http://www.voip-news.com/feature/voip-security-threat-021407/ Edwards, John. “Secure Your Wireless VoIP System.” VoIP-News. February 14, 2007. Tippit, Inc. December 1, 2007. http://www.voip- news.com/feature/ways-secure-wireless-voip-021407/http://www.voip- news.com/feature/ways-secure-wireless-voip-021407/ Materna, Bogdan. “Making Sense of VoIP Security Threats.” TMCnet. November 22, 2005. Technology Marketing Corporation. November 29, 2007. http://www.tmcnet.com/news/2005/nov/1211529.htmhttp://www.tmcnet.com/news/2005/nov/1211529.htm Piscitello, David. “How to protect your VoIP network.” NETWORKWORLD. May 15, 2006. Network World, Inc. November 28, 2007. http://www.networkworld.com/research/2006/051506-voip-guide- security.html?page=1 http://www.networkworld.com/research/2006/051506-voip-guide- security.html?page=1 VoIP Security Alliance. http://www.voipsa.org/http://www.voipsa.org/

Download ppt "By: Christopher Henderson.  What is VoIP?  How is it being used?  VoIP’s main Security Threats.  Availability of Service  Integrity of Service "

Similar presentations

Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.

Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.
Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.

Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
1 Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture Conference ICS – Wireless Group Meeting Tempe, Arizona.

1 Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture Conference ICS – Wireless Group Meeting Tempe, Arizona.
Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.

Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
Secure VoIP. Outline Who? CUBE Members Why? Motivation What? Project Description How? Design and Implementation.

Secure VoIP. Outline Who? CUBE Members Why? Motivation What? Project Description How? Design and Implementation.
January 23-26, 2007 Ft. Lauderdale, Florida IP Communications, Secure – By Design Roger W. Farnsworth.

January 23-26, 2007 Ft. Lauderdale, Florida IP Communications, Secure – By Design Roger W. Farnsworth.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)

Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.

Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.
E-mail: kemal@cs.siu.edu Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE 802.11.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
1 VOIP Network Threats Let the subscribers beware Gerard Wilkes October 24, 2006.

1 VOIP Network Threats Let the subscribers beware Gerard Wilkes October 24, 2006.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Networking DSC340 Mike Pangburn. Networking: Computers on the Internet  1969 – 4  1971 – 15  1984 – 1000  1987 – 10,000  1989 – 100,000  1992 –

Networking DSC340 Mike Pangburn. Networking: Computers on the Internet  1969 – 4  1971 – 15  1984 – 1000  1987 – 10,000  1989 – 100,000  1992 –
Security in IP telephony (VoIP) David Andersson Erik Martinsson.

Security in IP telephony (VoIP) David Andersson Erik Martinsson.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Deployment of the VoIP Servers BY: Syed khaja Najmuddin Ahmed Anil Kumar Marikukala.

Deployment of the VoIP Servers BY: Syed khaja Najmuddin Ahmed Anil Kumar Marikukala.

Similar presentations

Ads by Google