Save up to 30% on Elsevier print and eBooks with free shipping. No promo code needed.
Save up to 30% on print and eBooks.
How to Cheat at VoIP Security
1st Edition - May 14, 2007
Authors: Thomas Porter CISSP CCNP CCDA CCS, Michael Gough
Language: English
eBook ISBN:9780080553535
9 7 8 - 0 - 0 8 - 0 5 5 3 5 3 - 5
The Perfect Reference for the Multitasked SysAdminThis is the perfect guide if VoIP engineering is not your specialty. It is the perfect introduction to VoIP security, covering e…Read more
Purchase options
LIMITED OFFER
Save 50% on book bundles
Immediately download your ebook while waiting for your print delivery. No promo code is needed.
The Perfect Reference for the Multitasked SysAdmin This is the perfect guide if VoIP engineering is not your specialty. It is the perfect introduction to VoIP security, covering exploit tools and how they can be used against VoIP (Voice over IP) systems. It gives the basics of attack methodologies used against the SIP and H.323 protocols as well as VoIP network infrastructure. * VoIP Isn’t Just Another Data Protocol IP telephony uses the Internet architecture, similar to any other data application. However, from a security administrator’s point of view, VoIP is different. Understand why. * What Functionality Is Gained, Degraded, or Enhanced on a VoIP Network? Find out the issues associated with quality of service, emergency 911 service, and the major benefits of VoIP. * The Security Considerations of Voice Messaging Learn about the types of security attacks you need to protect against within your voice messaging system. * Understand the VoIP Communication Architectures Understand what PSTN is and what it does as well as the H.323 protocol specification, and SIP Functions and features. * The Support Protocols of VoIP Environments Learn the services, features, and security implications of DNS, TFTP, HTTP, SNMP, DHCP, RSVP, SDP, and SKINNY. * Securing the Whole VoIP Infrastructure Learn about Denial-of-Service attacks, VoIP service disruption, call hijacking and interception, H.323-specific attacks, and SIP-specific attacks. * Authorized Access Begins with Authentication Learn the methods of verifying both the user identity and the device identity in order to secure a VoIP network. * Understand Skype Security Skype does not log a history like other VoIP solutions; understand the implications of conducting business over a Skype connection. * Get the Basics of a VoIP Security Policy Use a sample VoIP Security Policy to understand the components of a complete policy.
Provides system administrators with hundreds of tips, tricks, and scripts to complete administration tasks more quickly and efficiently
Short on theory, history, and technical data that ultimately is not helpful in performing their jobs
Avoid the time drains associated with securing VoIP
System Administrators; Security Professionals
Lead Author and Technical Editor
Chapter 1: Introduction to VoIP Security
Introduction
The Switch Leaves the Basement
What Is VoIP?
VoIP Isn’t Just Another Data Protocol
Security Issues in Converged Networks
A New Security Model
Summary
Chapter 2: The Hardware Infrastructure
Introduction
Traditional PBX Systems
PBX Alternatives
VoIP Telephony and Infrastructure
Summary
Chapter 3: Architectures
Introduction
PSTN: What Is It, and How Does It Work?
PSTN Call Flow
PSTN Protocol Security
The H.323 Protocol Specification
The Primary H.323 VoIP-Related Protocols
H.235 Security Mechanisms
Understanding SIP
SIP Functions and Features
SIP Architecture
Instant Messaging and SIMPLE
Summary
Chapter 4: Support Protocols
Introduction
DNS
TFTP
HTTP
SNMP
DHCP
RSVP
SDP
Skinny
Summary
Chapter 5: Threats to VoIP Communications Systems
Introduction
Denial-of-Service or VoIP Service Disruption
Call Hijacking and Interception
H.323-Specific Attacks
SIP-Specific Attacks
Summary
Chapter 6: Confirm User Identity
Introduction
802.1x and 802.11 i (WPA2)
802.1x/EAP Authentication
Public Key Infrastructure
Minor Authentication Methods
Summary
Chapter 7: Active Security Monitoring
Introduction
Network Intrusion Detection Systems
NIDS Defined
Components
Types
Placement
Important NIDS Features
Maintenance
Alerting
Logging
Extensibility
Response
Limitations
Honeypots and Honeynets
Host-Based Intrusion Detection Systems
Logging
Syslog
SNMP
What Is a Penetration/Vulnerability Test?
Methodology
Discovery
Scanning
Vulnerability Assessment
Exploitation
Reporting
Summary
Chapter 8: Logically Segregate Network Traffic
Introduction
VLANs
QoS and Traffic Shaping
NAT and IP Addressing
Firewalls
Access Control Lists
Summary
Chapter 9: IETF Encryption Solutions for VoIP
Introduction
Suites from the IETF
S/MIME: Message Authentication
TLS: Key Exchange and Signaling Packet Security
SRTP: Voice/Video Packet Security
Summary
Chapter 10: Skype Security
Security
Chapter 11: Skype Firewall and Network Setup
A Word about Network Address Translation and Firewalls
What You Need to Know about Configuring Your Network Devices
Appendix B: The IP Multimedia Subsystem: True Converged Communications
Introduction
IMS Security Architecture
IMS Security Issues
Early IMS Security Issues
Summary
Appendix C: Regulatory Compliance
Introduction
SOX: Sarbanes-Oxley Act
GLBA: Gramm-Leach-Bliley Act
HIPAA: Health Insurance Portability and Accountability Act
CALEA: Communications Assistance for Law Enforcement Act
E911: Enhanced 911 and Related Regulations
EU and EU Member States’ eCommunications Regulations
Summary
Index
No. of pages: 432
Language: English
Edition: 1
Published: May 14, 2007
Imprint: Syngress
eBook ISBN: 9780080553535
TP
Thomas Porter CISSP CCNP CCDA CCS
Thomas Porter, Ph.D. (CISSP, CCNP, CCDA, CCSE/SA, ACE, IAM) served as the first Chief Information Security Officer (CISO) at Avaya, and is currently the Lead Security Architect for Business Communication Consulting and Director of IT Security for the FIFA 2006 World Cup in Germany He is a past member of the IP Security Protocol Working Group, and the Executive Telecommunications Board of the State University of New York. He is currently a member of the IEEE, and OASIS (Organization for the Advancement of Structured Information Standards).
Affiliations and expertise
Director of IT Security, FIFA 2006 World Cup
MG
Michael Gough
Michael Gough is host and webmaster of www.SkypeTips.com, which was launched in January 2005 and receives more than 100,000 hits per month, and www.VideoCallTips.com, which receives more than 30,000 hits per month. Michael writes articles on Skype and related issues. He also explains Skype’s options and instructions to users so that they can practically apply Skype at home and in the workplace. Michael also evaluates products used with Skype and provides feedback to the vendors on features and improvements to help drive the direction of Skype-related products. Michael is also the host and webmaster for www.VideoCallTips.com, a Web site focused on helping people understand how to make video calls to family and friends, and maintains ratings of the many video call solutions available.
Michael’s full-time employment is as a computer security consultant with 18 years’ experience in the computer technology field. Michael works for a Fortune 500 company, where he delivers security consulting services to their clients. Michael also presents for his company at many trade shows and conferences and works with associations and groups, advising agencies like the FBI on Skype security and the Center for Internet Security on wireless security.
Affiliations and expertise
Computer security consultant, host and webmaster, www.SkypeTips.com and www.VideoCallTips.com