Seven Deadliest Unified Communications Attacks book cover

Seven Deadliest Unified Communications Attacks

Seven Deadliest Unified Communications Attacks provides a comprehensive view of the seven deadliest attacks against a unified communications (UC) infrastructure. It looks at the intersection of the various communication technologies that make up UC, including Voice over IP (VoIP), instant message (IM), and other collaboration technologies. The book consists of seven chapters that cover the following: attacks against the UC ecosystem and UC endpoints; eavesdropping and modification attacks; control channel attacks; attacks on Session Initiation Protocol (SIP) trunks and public switched telephone network (PSTN) interconnection; attacks on identity; and attacks against distributed systems. Each chapter begins with an introduction to the threat along with some examples of the problem. This is followed by discussions of the anatomy, dangers, and future outlook of the threat as well as specific strategies on how to defend systems against the threat. The discussions of each threat are also organized around the themes of confidentiality, integrity, and availability.

Audience

Information security professionals of all levels; recreational hackers

Paperback, 224 Pages

Published: April 2010

Imprint: Syngress

ISBN: 978-1-59749-547-9

Reviews

  • York’s The Seven Deadliest Unified Communications Attacks mentioned in article on UnifiedCommunicationsEdge.com


Contents


  • Acknowledgments

    About the Author

    Introduction

    Chapter 1 The Unified Communications Ecosystem

        Anatomy of Attacks against the UC Ecosystem

        Dangers Associated with the UC Ecosystem

             DoS/Availability

             Toll Fraud

             Exposure of Information

        Future of Attacks against the UC Ecosystem

             Social Software and Services

             Public Versus Private Information

             Federation

             Mashups and APIs

             It’s All about the Cloud

             Bright Shiny Objects

        How to Defend Your UC Ecosystem

             Strategy #1: Identify All Ecosystem Components

             Strategy #2: Develop Security Plans for All Components

             Strategy #3: Engage in Holistic Ecosystem Testing

        Summary

    Chapter 2 Insecure Endpoints

        Anatomy of Attacks against UC Endpoints

             General DoS Attacks

             Finding Endpoints to Attack

             Default Passwords

             Hidden Accounts

             Undocumented Services

             Web Exploits

             Protocol Fuzzing

             Local Files

        Dangers of Attacks on Endpoints

             Denial of Service or Availability

             Toll Fraud

             Eavesdropping or Exposure of Information

             Annoyance

        The Future of Attacks against UC Endpoints

             More Powerful Endpoints

             Migration into Software

             Commodity Operating Systems

             Heterogeneous Deployments

             Mobility

             Massively Distributed Endpoints

        How to Defend Your Endpoints

             Strategy #1: Identify All Connected Endpoints

             Strategy #2: Change Default Passwords!

             Strategy #3: Turn off Unnecessary Services

             Strategy #4: Develop Patch Plans for All Endpoints

             Strategy #5: Understand How to Update and Secure Remote Endpoints

        Summary

    Chapter 3 Eavesdropping and Modification

        Anatomy of Eavesdropping and Modification Attacks

             Getting between the Endpoints

             Using Wireshark to Capture Voice

             Using Wireshark to Capture IM Traffic

             Capturing Audio, Video, and IM using Other Tools

             Modification Attacks

             Ettercap

        Dangers of Eavesdropping and Modification Attacks

             Exposure of Confidential Information

             Business Disruption

             Annoyance

             Loss of Trust

        The Future of Eavesdropping and Modification Attacks

             Increasing Market Size

             All-IP Enterprise Networks

             Cloud and Hosted Systems

             Federation between UC Systems

             Continued Endpoint Distribution

        How to Defend against Eavesdropping and Modification Attacks

             Strategy #1: Encryption of Voice and Video

             Strategy #2: Encryption of IM

        Summary

    Chapter 4 Control Channel Attacks: Fuzzing, DoS, SPIT, and Toll Fraud

        Anatomy of Control Channel Attacks

             Eavesdropping Attacks

             Modification Attacks

             Denial-of-Service Attacks

             Elevation of Authority or Password Cracking

             Fuzzing

             Spam for Internet Telephony

        Dangers of Control Channel Attacks

             Toll Fraud

             Denial of Service

             Exposure of Confidential Information

             Patterns in Aggregation

             Annoyance

             Loss of Trust

        Future of Control Channel Attacks

             Integration with Social Networks and Services

             PSTN Bypass

        How to Defend against Control Channel Attacks

             Strategy #1: Encrypting the Control Channel

             Strategy #2: Limit and Secure Interconnection Points

             Strategy #3: Use Strong Authentication

             Strategy #4: Deploy SBCs or SIP-Aware Firewalls

             Strategy #5: Auditing or Monitoring

        Summary

    Chapter 5 SIP Trunking and PSTN Interconnection

        Anatomy of Attacks on SIP Trunks and PSTN Interconnection

             Understanding SIP Trunking

             Attacks against SIP Trunking

        Dangers of Attacks on SIP Trunks and PSTN Interconnection

             Toll Fraud

             DoS

             Corporate Espionage/Exposure of Confidential Information

             Modification

             Spam for Internet Telephony

        The Future of Attacks on SIP Trunks and PSTN Interconnection

             Reasons for Growth

             Increased Market Size

             More ITSP Entrants with Few Cares about Security

             Expansion of the PSTN Trust Boundary

        How to Defend against Attacks on SIP Trunks and PSTN Interconnection

             Strategy #1: Understand Your ITSP

             Strategy #2: Establish a Secure Transport Layer

             Strategy #3: Ensure Strong Authentication Is in Place

             Strategy #4: Consider the Same Service Provider as Your Data/Internet Provider

             Strategy #5: Establish a Business Continuity/DR Plan

        Summary

    Chapter 6 Identity, Spoofing, and Vishing

        Anatomy of Attacks on Identity

             Caller ID Spoofing on the PSTN

             Identity Modification at the Originating Endpoint

             Identity Modification at Source System

             Identity Modification in Transit

             Vishing

        Dangers of Attacks on Identity

             Fraud

             Identity Theft

             Social Engineering

             Reputation Damage

             Annoyance

             Erosion of Trust

             Deceiving Automated Systems

        The Future of Attacks on Identity

             Interconnection and Federation

             RFC 4474 SIP Identity and Whatever Comes Next

             Social Identity Systems

        How to Defend against Attacks on Identity

             Strategy #1: Educate Your Users about Potential Threats and What Not to Trust

             Strategy #2: Understand and Lock Down Holes that Allow Spoofing

             Strategy #3: Evaluate Strong Identity Solutions

             Strategy #4: Monitor and Participate in Ongoing Identity Discussions

        Summary

    Chapter 7 The End of Geography

        Anatomy of Attacks against Distributed Systems

             Attacks against Remote Workers

             Attacks against Branch Offices

             Attacks against Distributed Systems

             Attacks against Cloud-based Services

             Attacks against Federation

        Dangers of Attacks against Distributed Systems

             DoS/Availability

             Eavesdropping

             Modification

             Fraud

        The Future of Attacks against Distributed Systems

             Mobility

             Social Networks

             New Collaboration Technologies

             Movement into the Cloud

        Geography Does Matter

        How to Defend against Attacks against Distributed Systems

             Strategy #1: Deploy Secure Firewall Traversal Mechanisms

             Strategy #2: Ensure Understanding of Security at Fixed Locations

             Strategy #3: Understand Security Ramifications of Federation

             Strategy #4: Ensure Secure Authentication

             Strategy #5: Secure Your Connections to Services in the Cloud

        Summary

    Index

        


Advertisement

advert image