VoIP VULNERABILITIES

CCIP INFORMATION NOTE | ISSUE 06
Matthew Hurley, January 07

The following report outlines characteristics of Voice over Internet Protocol (VoIP). It explains the benefits and history of VoIP. Then it describes current VoIP standards and the security risks and vulnerabilities that surround the technology. In addition, particular attention is drawn to Skype, currently the most popular VoIP application in use today.

TABLE OF CONTENTS

Introduction
VoIP Benefits
VoIP History
VoIP Standards
H.323
Session Initiation Protocol (SIP)
VoIP Vulnerabilities
Risks & Vulnerabilities Inherited from IP
Risks & Vulnerabilities Associated with VoIP
Risks & Vulnerabilities Specific to VoIP
Skype
Conclusion
References
Disclaimer Information

INTRODUCTION

VoIP is defined as the ability to make telephone calls, send faxes and carry out video-conferencing over IP based networks. This is achieved by utilising current VoIP standards and protocols such as H.323, Session Initiation Protocol (SIP), and Skype to convert analogue signals into digital data that can be transmitted over the Internet. VoIP offers a number of benefits including increased flexibility and reduced overheads to any organisation that is willing to change its voice networks from the traditional circuit switched network to that of the packet switched network utilised by VoIP.

Even though the traditional Public Switched Telephone Network (PSTN) has proven to be highly reliable over the past 135 years, VoIP is seen as a more promising alternative. This is because VoIP is more effective when utilizing available bandwidth and also allows for more efficient network deployment models. Taking the above into account, it is not hard to understand that the number of VoIP subscribers has steadily increased to 18.1 million users worldwide as at the end of 2005¹. It has also been projected that the number of VoIP subscribers will more than double to 47 million subscribers by the end of 2006².

Like any new IT service, VoIP has a large number of inherent and associated security risks and vulnerabilities that can affect the reliability and availability of an organisation's IT infrastructure. It is also one of the major issues slowing the uptake of VoIP. Therefore it is paramount for any organisation looking to incorporate VoIP to have a total understanding of the threats that they will be potentially introducing into their IP networks.

This report classifies the risks and vulnerabilities of VoIP into three categories: those inherited from IP, those associated with VoIP, and those specific to VoIP. Firstly, an overview of the benefits of VoIP.

¹ http://clickz.com/showPage.html?page=3623253
² http://lw.pennnet.com/Articles/Article_Display.cfm?ARTICLE_ID=267354&p=13

VoIP BENEFITS

There are two major benefits to any organisation or business wanting to implement VoIP in their day-to-day operations. The first major benefit is the lower costs associated with VoIP when compared to that of the traditional PSTN. The main reasons VoIP is considered more economical include:

• Reduced cost of phone calls: The costs of phone calls via VoIP are minuscule when compared to equivalent calls made over the traditional PSTN. This is because VoIP takes advantage of existing WAN connectivity to remote locations over a dedicated data network or the Internet, thus avoiding any long-distance toll-call charges.

• Reduced maintenance and capital costs: VoIP is based on software rather than purely hardware, therefore it is easier to alter and maintain. Furthermore, deploying a VoIP network can be less expensive when compared with the costs of deploying a Private Branch Exchange (PBX).

• Simplified infrastructure: Because VoIP utilises the same infrastructure as your data network it's possible to converge the two, thus simplifying the operation and management of the network. This is also advantageous from a cost perspective as a single network can carry both voice and data.

The financial gain provided by VoIP obviously depends on the size of the business and how that particular business operates. One particular business case, provided by Deloitte’s New Zealand, showed the initial VoIP setup cost for a medium sized business of 350 employees would be close to $225,000. This figure includes an incremental capital investment of $125,000 as it would approximately cost $100,000 to replace the existing analogue system. Once installed the system would facilitate call savings of at least $5,000 a year. However, consultants in the industry state that call savings are only a small part of the overall benefits gained by a VoIP system. The major benefits come from the simplified infrastructure and with it the reduced management and maintenance costs.

The second major benefit of VoIP is increased flexibility and location independence. These additional benefits emphasize the advantages to be gained by any organisation implementing the technology and show that VoIP is more than simply just a way to reduce expenditure. They include:

• Improved flexibility: VoIP allows for new helpful features like ‘click-to-call’ that enable a user to simply click a URL while browsing a web page that will initiate a call over a VoIP network to an attendant.

• Improved productivity: A Virtual Private Network (VPN) combined with VoIP can be used to set up a fully functioning office anywhere there is a broadband connection. Furthermore, VoIP treats voice as if it were any other kind of data, so users can attach documents to voice messages or participate in virtual meetings using shared data and videoconferencing.

• Location independence: This allows an individual to have incoming phone calls automatically routed to their office or personal VoIP phone number regardless of location. This is because when using a VoIP network, the user only needs to be able to register their location with the VoIP server to be able to receive calls.

VoIP HISTORY

The history of VoIP dates back to 1964 when Paul Baran wrote the first paper on secure packetised voice. However, it was not until thirty-one years later in 1995 that the first internet phone software ‘Vocaltec’ was released. Coincidentally it was in May of the same year that the International Telecommunications Union (ITU) initiated work on the H.323 standard. The next major development in VoIP occurred in September of 1999 when work was commenced on the popular SIP by the Internet Engineering Task Force (IETF). SIP was then accepted as a 3rd Generation Partnership Project (3GPP) signalling protocol in November 2000. The following year Microsoft incorporated VoIP into Windows XP Messenger using SIP. This was closely followed by the founding of Vonage, which is a leading provider of broadband telephone services with over 2 million subscribers in 2006. The last major development in VoIP came in August of 2003 with the release of Skype.

VoIP STANDARDS

There are two major non-proprietary standards used for VoIP communications by many VoIP software applications. They are H.323 and Session Initiation Protocol (SIP).

H.323

H.323 is a protocol suite specified by the ITU that lays a foundation for IP based real-time communications including audio, video and data. H.323 was designed to handle call setup and tear-down functions and can use both TCP and UDP as a transport mechanism. Security within the H.323 protocol is achieved by the H.235 protocol, which incorporates four security goals including authentication, integrity, privacy, and non-repudiation. These goals are provided through four mechanisms, namely: configuration, authentication, key exchange, and encryption.

Security concerns within H.323 arise as many of the protocols use random ports causing problems securing them through firewalls. This may be mitigated by using direct routed calls, however since the ports required for H.323 are not defined, a filtering firewall would require all possibly-needed ports left open, thus allowing multiple entry points to be exploited by malicious users.

SESSION INITIATION PROTOCOL (SIP)

Session Initiation Protocol is a signalling protocol specified by the IETF, used to set up and tear down two-way communications sessions. Security in SIP is similar to H.323 and aims to achieve confidentiality, message integrity, non-repudiation, authentication and privacy. SIP has a security advantage over H.323 as it uses only one port (traditionally TCP and UDP port 5060). However, because SIP operates at the application level, no new security mechanisms were created. Instead SIP’s security is achieved by utilising the security mechanisms provided by HyperText Transfer Protocol (HTTP), Simple Mail Transfer Protocol (SMTP), and Internet Protocol Security (IPSec).

One of the main security concerns for SIP is that HTTP Digest does not provide adequate integrity, and spoofing of the header would be easily accomplished without employing S/MIME (Secure/Multipurpose Internet Mail Extension). The use of S/MIME for encryption also adds another issue as it uses public key infrastructure, thus making it difficult for users moving between devices as certificates are associated with users. Lastly, the text encoding of SIP makes it easier to analyse using standard parsing techniques. The security issues of SIP are highly apparent as there have been over 20,000 uniquely identifiable threats launched against SIP networks in the last two years³.

A common security issue for both VoIP standards comes through the use of NAT (Network Address Translation). NAT poses a problem for both H.323 and SIP as it is designed to hide the IP address on the internal network from the public network, thus causing a disruption firstly in the ‘setup next’ procedure used by each protocol within the H.323 suite and secondly inhibiting SIP’s registrations and communication mechanisms. It is possible to resolve NAT issues when using VoIP but this usually requires innovative solutions.

³ G. S Sipera, Comprehensive VoIP Security for the Enterprise: Not Just Encryption & Authentication, Sipera (March 2006)

VoIP VULNERABILITIES

As VoIP is an IP based technology that utilises the Internet it also inherits all associated IP vulnerabilities. The impact of these Internet-borne attacks is then multiplied by the VoIP architecture as it adds a number of additional weaknesses, which require further work to secure and maintain. Furthermore, adding any new service to an inadequately secured environment is like piercing holes in an already-leaky boat. The following paragraphs describe the risks and vulnerabilities of VoIP that are firstly, inherited from IP, secondly, associated with VoIP, and lastly, specific to VoIP.

RISKS & VULNERABILITIES INHERITED FROM IP

Poor Architectural Design

Poor or inadequate architecture can lead to ongoing difficulties in the operation and security of a VoIP system. Firewalls are particularly vulnerable areas in a VoIP network as they require additional ports to be opened to facilitate VoIP traffic. Non VoIP-aware firewalls may lack dynamic interaction with VoIP so they simply leave a range of ports continually open for call activity.

PBX Hosts & Gateways

Most service interceptions and eavesdropping attacks will usually require the compromise of a PBX as a means of network access. A compromised host or gateway can facilitate this by capturing voice packets to reveal information on all calls, call duration, and call parameters. This information will permit the mapping of VoIP, and possibly the supporting data networks.

Replay Attacks

A replay attack can be mounted against a VoIP network by retransmitting a legitimate session so that the recipient device reprocesses the data. The basis of a replay attack is to capture a valid packet, which can then be replayed into the network. This generally causes the target network to respond and provide more traffic to capture, eventually providing enough information to move to packet spoofing and masquerading, or simply finding an entry point into the target network for eavesdropping.

For example a replay attack could be used to gain access to a network by capturing and replaying a valid user ID and password, even though the captured data is encrypted and the attacker was unable to decrypt it.

RISKS & VULNERABILITIES ASSOCIATED WITH VoIP

Fuzzing

Fuzzing is a legitimate method of testing software systems for bugs and is accomplished by providing an application with semi-valid input to see what its reaction will be. This technique can be employed to exploit vulnerabilities in a target VoIP system and is achieved by sending messages so that the target system will assume the sent content is valid. In reality, the message is ‘broken’ or ‘fuzzed’, thus causing various failures to occur when the target system attempts to parse or process it. Resultant failures can include application delays, information leaks, and system crashes.

Packet Spoofing & Masquerading

Packet spoofing uses IP packets with a false source address that may be used for:

• obscuring the origin of the packet
• implicating another site or host as the attack originator
• masquerading as a trusted host
• interception or hijacking of network traffic
• directing responses to another host or system
• undertaking man-in-the-middle spoofing attacks

A major risk associated with packet spoofing and masquerading is identity theft. For example a man-in-the-middle spoofing attack, as shown in Figure 1, can be launched when a person makes a call, which includes sensitive information. As a result of the attack they may speak to the intended recipient; however, their call is being monitored by malicious users.

[Figure 1: man-in-the-middle spoofing attack between Caller A and Caller B, showing the intended call flow and the resulting call flow through the Malicious User]

Reconnaissance Attacks

Reconnaissance attacks are a form of intelligence gathering where networks are probed to ascertain their vulnerabilities. Methods used to achieve this include call walking and port scanning and are the first action undertaken by an attacker when attempting to penetrate a network. A successful probe would determine the behaviour of the network’s equipment, users, and services that might be available to be exploited or disrupted. This information could then be used to launch a focused attack against the network.

Reliability & Availability Challenges

To achieve constant real time voice communications, VoIP places a high priority on Quality of Service (QoS). However the reliability of voice and data networks is closer to 99.9%, which compares poorly against the 99.999% reliability that people have come to expect from the traditional PSTN. Even though this doesn’t appear to be a significant difference it equates to an additional downtime of 8.7 hours each year for VoIP. This could ultimately lead to the loss of human life if emergency services were required during this outage window.

Denial of Service (DoS)

DoS and Distributed Denial of Service (DDoS) attacks occur when a malicious user deliberately sends an exceedingly large amount of random messages to one or more VoIP end-points from either a single location (DoS) or from multiple locations (DDoS), as shown in Figure 2. Multiple locations are achieved through the use of zombies (compromised machines that could be woken upon request and used for malicious purposes). The DoS attack is successful when the amount of incoming messages exceeds the processing capacity of the target system, thereby exhausting system resources and thus, denying services to the end-users.

VoIP systems are especially vulnerable to DoS and DDoS attacks because of the high fundamental requirement that they place on QoS. Therefore less traffic or network disruption is required for a DoS attack to be successful when compared to mounting a DoS attack against a data network. A further consideration is needed where VoIP and data share the same network. Here the data network could also be subject to the same DoS attack. Examples of VoIP specific DoS attacks include identity spoofing and cancellation of pending call set up signals, also known as the SIP CANCEL DoS attack.

[Figure 2: DoS attack on an end point (Malicious User to VoIP Phone) and DDoS attack on a call server (Malicious User, through Zombies, to VoIP Server)]
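
The following detection sketch is an added example, not part of the original note. It flags the two SIP-specific DoS signals named above (cancellation of a pending call set up by someone other than its originator, and a per-source request flood) over a constructed request log. The log format, the threshold values and the function name are assumptions.

```python
from collections import defaultdict, deque

# Constructed sample in an assumed "time source method call-id" format,
# such as a SIP proxy might export from its request log.
SAMPLE_LOG = """\
0.0 192.0.2.10 INVITE call-a
0.4 192.0.2.10 CANCEL call-a
1.0 192.0.2.11 INVITE call-b
1.2 203.0.113.66 CANCEL call-b
1.3 203.0.113.66 CANCEL call-zzz
5.0 198.51.100.7 INVITE f-1
5.1 198.51.100.7 INVITE f-2
5.2 198.51.100.7 INVITE f-3
5.3 198.51.100.7 INVITE f-4
5.4 198.51.100.7 INVITE f-5
5.5 198.51.100.7 INVITE f-6
"""


def detect(log_text, max_requests=5, window=1.0):
    """Return (time, source, reason) alerts for three patterns: a CANCEL
    for a call with no pending INVITE, a CANCEL from a source other than
    the one that sent the INVITE, and a per-source request flood."""
    pending = {}                  # call-id -> source that sent the INVITE
    recent = defaultdict(deque)   # source -> request times inside the window
    flooding = set()              # sources already reported as flooding
    alerts = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue              # skip blank or malformed lines
        try:
            ts = float(fields[0])
        except ValueError:
            continue
        src, method, call_id = fields[1:]

        # Sliding-window rate check. Because of VoIP's QoS sensitivity the
        # threshold belongs well below what a data service would tolerate.
        seen = recent[src]
        seen.append(ts)
        while ts - seen[0] > window:
            seen.popleft()
        if len(seen) > max_requests and src not in flooding:
            flooding.add(src)
            alerts.append((ts, src, "request flood"))

        if method == "INVITE":
            pending[call_id] = src
        elif method == "CANCEL":
            owner = pending.get(call_id)
            if owner is None:
                alerts.append((ts, src, "CANCEL for unknown call"))
            elif owner != src:
                # A signal for review, not proof: an intermediate proxy
                # changes the source, and UDP sources can be forged.
                alerts.append((ts, src, "CANCEL from non-originating source"))
            else:
                del pending[call_id]
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```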

RISKS & VULNERABILITIES SPECIFIC TO VoIP

Phone Impersonation

Phone impersonation occurs due to the weak authentication process attributed to VoIP. There are two major contributors that consolidate this fact. Firstly, there is a limited human interface available for VoIP phones, limiting users to the selection of a numeric PIN for their password in lieu of a strong password based on the entire ASCII character set. Secondly, and this is related to the SIP standard, the authentication mechanism is based on the MD5 algorithm. An attacker who can sniff the entire SIP authentication exchange cannot observe the password sent in plain text, but can observe enough information to mount an offline dictionary attack against the password. The combination of these weaknesses allows passwords to be easily obtained by an attacker and then used to impersonate a phone or user.
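
The example below is added here and is not part of the original note. It relates to both the Replay Attacks and Phone Impersonation passages: it computes the MD5 digest response in the RFC 2617 form (without qop), shows a registrar that rejects a replayed response by making each nonce single-use and short-lived, and counts how small the offline search space is for a keypad PIN. The `Registrar` class, the account `1001`, its PIN and the realm `pbx.example` are constructed for illustration.

```python
import hashlib
import hmac
import secrets
import time


def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def digest_response(username, realm, password, method, uri, nonce):
    """RFC 2617 digest response (no qop). Every input except the
    password is visible to anyone who captures the exchange."""
    ha1 = md5_hex(f"{username}:{realm}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{ha2}")


def offline_search_space(secret):
    """Upper bound on the guesses needed to recover a secret offline from
    a captured exchange: 10 symbols for a keypad PIN, otherwise the 95
    printable ASCII characters."""
    alphabet = 10 if secret.isdigit() else 95
    return alphabet ** len(secret)


class Registrar:
    """Hypothetical registrar issuing short-lived, single-use nonces."""

    def __init__(self, realm, credentials, nonce_ttl=30.0, clock=time.monotonic):
        self.realm = realm
        self._credentials = credentials   # username -> shared secret
        self._ttl = nonce_ttl
        self._clock = clock
        self._outstanding = {}            # nonce -> expiry time

    def challenge(self):
        nonce = secrets.token_hex(16)
        self._outstanding[nonce] = self._clock() + self._ttl
        return nonce

    def verify(self, username, method, uri, nonce, response):
        # pop() makes each nonce usable once: a replayed header finds nothing.
        expiry = self._outstanding.pop(nonce, None)
        if expiry is None:
            return "rejected: unknown or reused nonce"
        if self._clock() > expiry:
            return "rejected: stale nonce"
        secret = self._credentials.get(username)
        if secret is None:
            return "rejected: bad credentials"
        expected = digest_response(username, self.realm, secret, method, uri, nonce)
        if not hmac.compare_digest(expected, response):
            return "rejected: bad credentials"
        return "accepted"


def demo():
    # Constructed sample account: extension 1001 with a 4-digit keypad PIN.
    registrar = Registrar("pbx.example", {"1001": "4821"})
    uri = "sip:pbx.example"
    nonce = registrar.challenge()
    captured = digest_response("1001", "pbx.example", "4821", "REGISTER", uri, nonce)
    first = registrar.verify("1001", "REGISTER", uri, nonce, captured)
    replay = registrar.verify("1001", "REGISTER", uri, nonce, captured)
    return first, replay, offline_search_space("4821")


if __name__ == "__main__":
    print(demo())
```

Single-use nonces stop the verbatim replay, but they do nothing for the second weakness: a 4-digit PIN leaves only 10,000 candidates to test against one captured exchange.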

CID Spoofing

One type of masquerading is based on the manipulation of Caller ID (CID), which is used to identify the caller before answering, and is known as CID spoofing. The CID is based on reported information from different carrier switches and is specified by the switch administrator in a VoIP environment. This allows an attacker to spoof their CID information with a text string or phone number they specify and could be used to give credibility to various malicious users undertaking social engineering attacks.

In addition to this, the option for CID privacy (i.e. the ability to obscure your phone number from the CID display) is not possible with VoIP, since the phone number is included in the SIP and H.323 header. This allows any attacker with an IP packet sniffer, such as tcpdump, to discover the remote caller’s phone number, even if their number has been marked as private by their service provider. Further, there are a number of CID spoofing service providers in the US that, for a small fee, allow users to choose the number they are calling from.

A recent example of CID spoofing was reported by SpoofCard.com, which is a company that sells enhanced calling cards that provide the CID spoofing ability. Coincidentally, 50 customers’ accounts were cancelled, including Paris Hilton’s, due to customers abusing the CID spoofing feature to break into other people’s voice-mail accounts, listen to their messages, and even change the targeted user’s greetings⁵.

⁵ http://voipsa.org/blog/2006/08/28/paris-hilton-hacker-extraordinaire/
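
One check a PBX or gateway can apply against the caller-supplied CID described above, shown as an added example that is not part of the original note: parse the plain-text SIP headers and compare the number presented in From with the numbers provisioned for the authenticated account. The INVITE, the account-to-number table and the function names are constructed, and the check assumes the digest response has already been verified elsewhere.

```python
import re

# RFC 3261 compact header names that matter for this check.
COMPACT = {"f": "from", "t": "to", "i": "call-id", "v": "via", "m": "contact"}

ADDR = re.compile(
    r'(?:"(?P<display>[^"]*)"\s*)?<?sips?:(?P<user>[^@>;]+)@(?P<host>[^>;:\s]+)',
    re.I,
)
AUTH_USER = re.compile(r'username="([^"]*)"')

# Constructed INVITE: the account 1001 presents a number and display name
# of its own choosing in the From header.
SAMPLE_INVITE = (
    "INVITE sip:5550100@pbx.example SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 192.0.2.20:5060;branch=z9hG4bK776asdhds\r\n"
    'From: "Bank Security" <sip:5550199@pbx.example>;tag=1928301774\r\n'
    "To: <sip:5550100@pbx.example>\r\n"
    "Call-ID: a84b4c76e66710@192.0.2.20\r\n"
    "CSeq: 1 INVITE\r\n"
    'Authorization: Digest username="1001", realm="pbx.example", '
    'nonce="abc", uri="sip:5550100@pbx.example", '
    'response="00000000000000000000000000000000"\r\n'
    "Content-Length: 0\r\n\r\n"
)


def parse_headers(message):
    """Split a SIP message into its start line and a header dict keyed by
    lower-case long-form names. Folded header lines are not handled."""
    head = message.replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = head.split("\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            continue
        key = name.strip().lower()
        headers[COMPACT.get(key, key)] = value.strip()
    return lines[0], headers


def check_caller_id(message, provisioned):
    """provisioned maps an authenticated account to the set of numbers it
    may present. Returns a verdict dict: ok, flag or reject."""
    _, headers = parse_headers(message)
    addr = ADDR.search(headers.get("from", ""))
    auth = AUTH_USER.search(headers.get("authorization", ""))
    if addr is None:
        return {"verdict": "reject", "reason": "no usable From header"}
    presented = addr.group("user")
    if auth is None:
        return {"verdict": "flag", "reason": "unauthenticated caller ID",
                "presented": presented}
    account = auth.group(1)
    if presented not in provisioned.get(account, set()):
        return {"verdict": "flag",
                "reason": "number not provisioned for account",
                "account": account, "presented": presented,
                "display": addr.group("display")}
    return {"verdict": "ok", "account": account, "presented": presented}


if __name__ == "__main__":
    print(check_caller_id(SAMPLE_INVITE, {"1001": {"5550123"}}))
```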

Call Hijacking & Redirection

Call hijacking and redirection occurs when a call intended for one user is redirected to another. To achieve this, an attacker only needs to have knowledge of the user’s authentication credentials in order to impersonate and receive all calls intended for that user. Methods including spoofing of a node, man-in-the-middle attacks, and manipulation of call requests using signalling response codes make call hijacking and redirection relatively easy to instigate. Further to this, VoIP features including call forwarding and ‘follow-me’ also help facilitate the ability to route calls to specific phone numbers.

Call hijacking and redirection can also be used for financial gain. For example, call hijacking can be targeted by cyber-criminals who resell the calls. This is sometimes used as a money laundering channel from which organisations would only see an increase in bandwidth usage together with increased costs. Similarly, call redirection may also transit another system to collect data for later analysis or simply as a revenue gathering mechanism. In this case, the consequences may include the loss of sensitive information and service disruption.

Call hijacking was recently discovered in Miami by the US Federal government. In this particular case Edwin Pena sold discounted Internet phone services by hacking into other Internet phone providers and piggybacking connections through their networks unbeknown to them. In one three-week period a particular Internet phone provider received about 500,000 calls that were made to look like they had come from the investment company Rye Brook. Because of this, the victimised Internet phone provider was left having to pay $300,000 in connection fees for routing the phone traffic to other carriers without receiving any revenue for the calls⁶.

⁶ http://voipsa.org/blog/2006/06/07/hacker-cracks-net-phone-providers-for-gain/

Eavesdropping

Eavesdropping is the unauthorised interception of voice packets or Real Time Protocol (RTP) media streams, and the decoding of signalling messages. It is a relatively simple attack to administer and tools such as network protocol analysers, sniffers and packet capture tools are freely available on the Internet. Wireshark is an example of a tool that can be used to capture VoIP traffic and reconstruct VoIP conversations.

A real world example of eavesdropping was publicised in July of 2005 where flaws were found in Cisco’s CallManager VoIP software. The flaw could be exploited by sending specially crafted packets to the Cisco CallManager that allowed an attacker to create a heap overflow and ultimately enable him to mount an eavesdropping attack⁴.

⁴ http://www.techweb.com/wire/security/165702369

VoIP Spam

VoIP SPAM or Spam over Internet Telephony (SPIT) is the unsolicited and unwanted bulk messages broadcast over VoIP to particular end users. Not only could this be extremely annoying (especially when time zones are taken into consideration), it also has the potential to be rather costly where, for example, calls are forwarded to mobile phones. Another issue arises with SPIT and the fact that high-volume bulk calls routed over IP are very difficult to trace and have the inherent capacity for fraud, unauthorised resource use, and privacy violations.

Voice mail bombing is a form of SPIT where multiple (this may entail hundreds or even thousands of) voice mail messages flood voice mail boxes. This attack could result in service disruption or a denial of service attack.

The first real widespread phishing attack utilising VoIP was launched in June 2006 against customers of the Santa Barbara Bank & Trust in Southern California. Targets of the scam were sent an official looking email warning them that their bank account had been locked as a security measure and asked that the recipient call the supplied number to verify the account and user’s identity. When customers called the number they were greeted with an automated voice system requesting that they enter their account number and other personal information⁷.

⁷ http://www.eweek.com/article2/0,1895,1985966,00.asp

The above paragraphs explain three different groups of risks and vulnerabilities that can affect the security of a VoIP service or network. They also show that any organisation wanting to utilise this technology needs to be strongly aware of the issues surrounding it and have appropriate security policies in place to mitigate these. The above paragraphs also emphasize the fact that organisations that choose a simplified infrastructure for both voice and data could experience disruptions to their data networks if an attack was launched against their more vulnerable VoIP network.

VoIP is a relatively new technology and research regarding its security is very young; in fact it is said to be at the tip of the iceberg. Therefore as additional research is carried out and new vulnerabilities are discovered, it would be important for an organisation to consider separating the data and VoIP networks in order to avoid a potential business and/or operational catastrophe.

The following paragraphs will look at Skype, which is the most commonly used VoIP application on the market today.

SKYPE

Skype is a proprietary VoIP system developed by Skype Technologies and released in August 2003. It is the software of choice in the UK, being used by 48% of VoIP users⁸. Skype, which recorded a record high of 8 million users online at one time in November 2006, utilises a Peer-to-Peer architecture that relies on a central authentication server to authenticate users and software distributions. In addition to this, both user identities and software distributions are digitally signed by an RSA private key. The resulting RSA public key is embedded into every Skype executable and thus, provides the basis for voice encryption.

Skype does differ considerably from SIP and H.323 in the way that it connects clients that are sitting behind firewalls. In order to initiate a connection, Skype creates a rendezvous point, also known as a super-node, which ensures NAT’ed users can communicate with each other. A super-node is a computer operating on a public IP address that has the ability to proxy connections to the Skype clients behind the more restrictive firewalls. Further to this, the total amount of load placed on a network when a machine becomes a super-node is unknown and it also has the ability to interfere with a business’s applications and services. One publicised example showed that while a user’s machine was acting as a super-node, Skype was utilising 100kbps of the company’s bandwidth for both upload and download dataflows⁹.

Super-nodes are not the only concern of the Skype protocol. Security is also a major concern, the key properties being: privacy, authenticity, availability, survivability, resilience, and integrity (of conversation and system).

However, there are a number of other factors that affect the security of Skype. Firstly, the security of Skype depends on the security of the computer and network on which Skype is running. Secondly, because Skype uses a proprietary protocol, the only sources of information regarding any security weaknesses are statements from the company and publicly disclosed vulnerabilities. Thirdly, because Skype is mostly a peer-to-peer system, the overall security can be affected by third parties that are unknown to those in a particular phone conversation. The latter is possible as problems have been identified in Skype’s encryption format, which firstly, allows the execution of man-in-the-middle attacks and secondly, enables the ability for a worm to be hidden in the encryption during transmission¹⁰.

These are not the only concerns that affect the security of Skype. Another issue arises in Skype because it is ‘port-agile’, meaning that if a firewall port is blocked, Skype will seek other open ports to establish a connection. This feature would also allow an attacker, if a vulnerability was exploited, to use the application to gather further information about machines on a network. Therefore, Skype could provide a back door into otherwise secure networks for worms, Trojans, and viruses¹¹.

In addition to the above, it was recently shown that Skype could provide botnet controls that could enable a better way for controlling zombies. What is concerning about this for an organisation is that it may be virtually impossible to identify the perpetrator of any attack (for example a DoS attack) resulting from this technology. This is because Skype uses proprietary technology and encrypted data traffic that cannot be easily monitored.

⁸ http://www.eweek.com/article2/0,1895,1985966,00.asp
⁹ http://www.voipwiki.com/blog/?p=30
¹⁰ http://www.skypejournal.com/blog/archives/2005/11/five_reasons_not_to_block_skype_1.php
¹¹ http://computerworld.co.nz/news.nsf/news/1C31DD62E610104ACC2570B40016C985

This potential concern could be mitigated by a small group of Chinese engineers who have proved that they have reverse engineered Skype. The redesigned software has a different GUI than the traditional Skype application and can be used to discover the IP address and physical location of the Skype user who you are calling¹².

Even though Skype has a number of key features, including privacy, authenticity, availability, survivability, resilience, and integrity, in place to ensure its security, the above paragraphs clearly outline that these are far from foolproof. In addition it has also been identified that Skype’s own functionality used to provide its high quality service can also be used for malicious purposes. Also, the concept of hosting a super-node is far from desirable for any organisation that values its bandwidth. Therefore it is important for an organisation to fully understand the security risks of Skype when choosing to use it as their main VoIP application.

¹² http://www.voipwiki.com/blog/?p=26

CONCLUSION

VoIP offers a number of benefits to any organisation considering implementing it into its day-to-day operations. At the time of writing, organisations have the choice of two VoIP standards and one proprietary protocol (H.323, SIP, and Skype) that can be utilised for lowering the costs of daily operations and increasing flexibility. However, any organisation that has implemented or is looking to implement VoIP needs to be aware of the security issues surrounding the technology. Phone impersonation, reconnaissance attacks, eavesdropping, SPIT, call hijacking and redirection, and identity theft are only a few of the possible risks and vulnerabilities that a malicious person can mount against an organisation’s VoIP service. Therefore, it is important organisations carry out the appropriate security measures to ensure the confidentiality, integrity, and availability of their VoIP, and in some cases, data networks.

REFERENCES

1. S. Garfinkel, VoIP and Skype Security, Skype Security Overview – Rev 1.6 (May 2005)
2. J. Waldron, VoIP Security Essentials, Black Hat Briefings, http://www.blackhat.com/presentations/bh-usa-06/BH-US-06-Waldron.pdf
3. Dr. T. Porter, H.323 Mediated Voice over IP: Protocols, Vulnerabilities & Remediation, http://www.securityfocus.com/print/infocus/1782
4. Cyber Security Industry Alliance, Cyber Security for IP Telephony, Findings & Recommendations (May 2005)
5. C. Roberts, Voice Over IP Security, Centre for Critical Infrastructure Protection (May 2005)
6. Sipera, Comprehensive VoIP Security for the Enterprise: Not Just Encryption & Authentication, Sipera (March 2006)
7. Whichvoip, The History of VoIP, http://www.whichvoip.com/voip/articles/voip_history.htm
8. Dr. R. Kuhn, T. J. Walsh, S. Fries, Security Considerations for Voice Over IP Systems, NIST SP 800-58
9. VoIP – Standards and Protocols, http://www2.rad.com/networks/2001/voip/prtcls.htm
10. G. S. Tucker, Voice Over Internet Protocol (VoIP) and Security, SANS Institute (October 2004)
11. Systems & Network Attacks Centre (SNAC), Security Guidance for Deploying IP Telephony Systems, NSA (February 2006)

DISCLAIMER INFORMATION

While this publication is accurate to the best of our knowledge, CCIP does not accept any responsibility for errors or omissions. CCIP will not be liable for any loss or damage howsoever caused, arising from or in connection with the use of information contained in this publication. Reference in this publication in any manner to any commercial product, process or service does not constitute or imply its endorsement or recommendation by CCIP. Views and opinions expressed herein may not be used for advertising or product endorsement purposes.


CENTRE for CRITICAL INFRASTRUCTURE PROTECTION

www.ccip.govt.nz | ph: +64 4 498-7654 | fax: +64 4 498-7655

PO Box 12-209, Wellington , New Zealand