Seven Deadliest Unified Communications Attacks

1st Edition

Authors: Dan York
Paperback ISBN: 9781597495479
eBook ISBN: 9781597495486
Imprint: Syngress
Published Date: 22nd April 2010
Page Count: 224
Tax/VAT will be calculated at check-out
Compatible Not compatible
VitalSource PC, Mac, iPhone & iPad Amazon Kindle eReader
ePub & PDF Apple & PC desktop. Mobile devices (Apple & Android) Amazon Kindle eReader
Mobi Amazon Kindle eReader Anything else

Institutional Access


Seven Deadliest Unified Communications Attacks provides a comprehensive view of the seven deadliest attacks against a unified communications (UC) infrastructure. It looks at the intersection of the various communication technologies that make up UC, including Voice over IP (VoIP), instant message (IM), and other collaboration technologies.
The book consists of seven chapters that cover the following: attacks against the UC ecosystem and UC endpoints; eavesdropping and modification attacks; control channel attacks; attacks on Session Initiation Protocol (SIP) trunks and public switched telephone network (PSTN) interconnection; attacks on identity; and attacks against distributed systems. Each chapter begins with an introduction to the threat along with some examples of the problem. This is followed by discussions of the anatomy, dangers, and future outlook of the threat as well as specific strategies on how to defend systems against the threat. The discussions of each threat are also organized around the themes of confidentiality, integrity, and availability.

Key Features

  • Knowledge is power, find out about the most dominant attacks currently waging war on computers and networks globally
  • Discover the best ways to defend against these vicious attacks; step-by-step instruction shows you how
  • Institute countermeasures, don’t be caught defenseless again, and learn techniques to make your computer and network impenetrable


Information security professionals of all levels; recreational hackers

Table of Contents

Acknowledgments About the Author Introduction Chapter 1 The Unified Communications Ecosystem Anatomy of Attacks against the UC Ecosystem Dangers Associated with the UC Ecosystem DoS/Availability Toll Fraud Exposure of Information Future of Attacks against the UC Ecosystem Social Software and Services Public Versus Private Information Federation Mashups and APIs It’s All about the Cloud Bright Shiny Objects How to Defend Your UC Ecosystem Strategy #1: Identify All Ecosystem Components Strategy #2: Develop Security Plans for All Components Strategy #3: Engage in Holistic Ecosystem Testing Summary Chapter 2 Insecure Endpoints Anatomy of Attacks against UC Endpoints General DoS Attacks Finding Endpoints to Attack Default Passwords Hidden Accounts Undocumented Services Web Exploits Protocol Fuzzing Local Files Dangers of Attacks on Endpoints Denial of Service or Availability Toll Fraud Eavesdropping or Exposure of Information Annoyance The Future of Attacks against UC Endpoints More Powerful Endpoints Migration into Software Commodity Operating Systems Heterogeneous Deployments Mobility Massively Distributed Endpoints How to Defend Your Endpoints Strategy #1: Identify All Connected Endpoints Strategy #2: Change Default Passwords! Strategy #3: Turn off Unnecessary Services Strategy #4: Develop Patch Plans for All Endpoints Strategy #5: Understand How to Update and Secure Remote Endpoints Summary Chapter 3 Eavesdropping and Modification Anatomy of Eavesdropping and Modification Attacks Getting between the Endpoints Using Wireshark to Capture Voice


No. of pages:
© Syngress 2010
eBook ISBN:
Paperback ISBN:

About the Author

Dan York

Dan York (CISSP) is the Best Practices Chair for the VOIP Security Alliance (VOIPSA) as well as the producer of "Blue Box: The VoIP Security Podcast" where since October 2005 he and co-host Jonathan Zar have discussed VOIP security news and interviewed people involved in the field. Dan is employed as the Director of Conversations at Voxeo Corporation heading up the company's communication through both traditional and new/social media. Previously, Dan served in Voxeo's Office of the CTO focused on analyzing/evaluating emerging technology, participating in industry standards bodies and addressing VoIP security issues. Since the mid-1980s Dan has been working with online communication technologies and helping businesses and organizations understand how to use and participate in those new media. Dan frequently presents at conferences, has authored multiple books on Linux and networking and writes extensively online at sites such as and

Affiliations and Expertise



York’s The Seven Deadliest Unified Communications Attacks mentioned in article on