Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing your IP based Phone System By Kevin Moroz VP Technology Snom Inc.

Published byAmice Todd Modified over 9 years ago

Similar presentations

Presentation on theme: "Securing your IP based Phone System By Kevin Moroz VP Technology Snom Inc."— Presentation transcript:

1 Securing your IP based Phone System By Kevin Moroz VP Technology Snom Inc.

2 What are we trying to protect? Denial of Service – the phone system is down! Toll Fraud – a very large phone bill! Eavesdropping – someone listening to your calls. Call detailed records exposed – who is calling you and who are you calling! Karma! – keeping everyone happy! – remote users, internal users, road warriors, finance, admins, – system should be “Set it and forget it “ – moves adds changes SHOULD be the major activity

3 Denial of Service is Priority 1 DoS attacks can take your whole system down. – nobody can call you and you can’t call anybody for help! Worse case scenario! If your phone system sits on a public IP address this is a very realistic scenario. Why be on a public IP address? – makes it very easy for remote users to connect from home and on the road from behind NAT’d devices if the IPBX has this capability. – debatable whether this is the practical scenario for enterprises but a must for service providers.

4 Intrusion Detection is a must! Need to automatically detect an attack and email admin

5 Intruder Alert! Automatic Email Notification From: thepbx@yourcompany.com [mailto:admin@mycompany.com] Sent: Sunday, January 09, 2011 8:57 PM To: admin@mycompany.com.com Subject: My Company Name Goes here: Address 69.61.210.157 has been blacklisted The IP address 69.96.218.157 has been blacklisted for 1440 minutes because there were 10 unsuccessful authentication attempts (sip). From: thepbx@yourcompany.com [mailto:admin@mycompany.com] Sent: Sunday, January 09, 2011 8:57 PM To: admin@mycompany.com.com Subject: My Company Name Goes here: Address 70.96.218.17 has been blacklisted The IP address 70.96.218.17 has been blacklisted for 1440 minutes because there were 10 unsuccessful authentication attempts (http).

6 Many programs on Internet to “test” the system for vulnerabilities.

7 Friendly VoIP Scanner not so friendly! scans the network SIP packets. Once it gets a SIP response back like a 401 or a 404 it sends massive amounts of SIP packets to the IP address Renders it useless since it is to busy processing all of the packets. Even if you have port forwarding the router will forward the calls and bog it down. Need something intelligent to figure out you are being attached and to do something about it while maintaining the current call load.

8 SipVicious! test tool that can go rogue easily. test tools gone wild!

9 hackingvoip.com probably a good read to learn some torture tricks for an IPBX! Not a bad idea to test your system with some of these public tools.

10 More free “tools” available these tools make it easier for “newbies” to be able to launch “DOS” attacks.

11 IPBX should monitor the CPU! If more than x% of the CPU is in use then don’t accept any more calls. – Send a 5xx message – Server Failure with the reason code in the packet. protects current calls to be processed without any quality issues. New calls may not go through until a call is released or CPU is under the threshold. Send email alert!

12 Different topologies IPBX has one network interface card (NIC) on a private address. Remote users VPN in. – not practical since not many phones support VPN natively yet and complex to setup the VPN endpoints. – open VPN is a good open source project. IPBX has on NIC on a private address with a SIP aware router/session border controller installed. IPBX is on a public IP address and a private IP address. – make sure your running the latest OS and patches. IPBX is only on a public IP address – service providers

13 Need slide with picture of scenarios

14 Toll Fraud- Big business! Big Money VoIP Bandit Got em! http://www.amw.com/fugitives/capture.cf m?id=49218&refresh=1 http://www.amw.com/fugitives/capture.cf m?id=49218&refresh=1 Recent 12 Million dollar case in Romania. Not

15 1 st line of defense is the passwords! Most toll fraud is accomplished by guessing simple passwords. Extension 101 / password 101. This happened to one of my customers just last week. The ITSP cut them off at $250 since their usage spiked dramatically.

16 How to protect toll fraud password management restrict Direct Inward Station Access (DISA) accounts or calling card type of features. Put a rate table on the trunk and restrict the accounts. prepay or have the ITSP put limits on the accounts.

17 How can we train the users? Force them to use strong passwords? – How? Make sure the system forces them!

18 Difference between High and Medium Passwords Medium Security: The score must be 120 or higher High Security: The score must be 200 or higher

19 admin needs to monitor passwords! The status screen indicates that the password is weak. – either it is the same as the username. – It is easily guessable 1234

20 Prepay support ability to put a rate table in the pbx put a dollar amount in on the extension or the whole pbx. Once the balance is expired no more external calls for that extension or system.

21 Number of srtp implementations

22 What are we trying to protect? Denial of Service – the phone system is down! Toll Fraud – a very large phone bill! Eavesdropping – someone listening to your calls. Call detailed records exposed – who is calling you and who are you calling! Karma! – keeping everyone happy! – remote users, internal users, road warriors, finance, admins, – system should be “Set it and forget it “ – moves adds changes SHOULD be the major activity

23 Prepay support ability to put a rate table in the pbx put a dollar amount in on the extension or the whole pbx. Once the balance is expired no more external calls for that extension or system.

24 Protecting the conversation! Probably the easiest since not a new problem to solve. i.e. https. Probably the hardest to implement – certificates, keys, encryption, VPN’s

25 Number of SRTP implementations

26

27

28

Download ppt "Securing your IP based Phone System By Kevin Moroz VP Technology Snom Inc."

Similar presentations

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.
Addressing Security Issues IT Expo East 2011. Addressing Security Issues Unified Communications SIP Communications in a UC Environment.

Addressing Security Issues IT Expo East Addressing Security Issues Unified Communications SIP Communications in a UC Environment.
1 Copyright © 2005, Cisco Systems, Inc. All rights reserved. Applying Security Principles to Networking Applications Mark Enright Dec.

1 Copyright © 2005, Cisco Systems, Inc. All rights reserved. Applying Security Principles to Networking Applications Mark Enright Dec.
Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.

Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy

Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.

Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.
Firewall Configuration Strategies

Firewall Configuration Strategies
How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people.

How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people.
Security Awareness Chapter 5 Wireless Network Security.

Security Awareness Chapter 5 Wireless Network Security.
Web Servers Security: What You Should Know. The World Wide Web (WWW) is one of the best ways to develop an e-commerce business presence and interact with.

Web Servers Security: What You Should Know. The World Wide Web (WWW) is one of the best ways to develop an e-commerce business presence and interact with.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Network Security Peter Behrens Seth Elschlager. Computer Security Preventing unauthorized use of your network and information within that network. Preventing.

Network Security Peter Behrens Seth Elschlager. Computer Security Preventing unauthorized use of your network and information within that network. Preventing.
Computer Networks IGCSE ICT Section 4.

Computer Networks IGCSE ICT Section 4.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
Department Of Computer Engineering

Department Of Computer Engineering
By: Christopher Henderson.  What is VoIP?  How is it being used?  VoIP’s main Security Threats.  Availability of Service  Integrity of Service 

By: Christopher Henderson.  What is VoIP?  How is it being used?  VoIP’s main Security Threats.  Availability of Service  Integrity of Service 

Similar presentations

Ads by Google