VoIP Security Voice over Internet Protocol - PowerPoint PPT Presentation

1 / 28
About This Presentation
Title:

VoIP Security Voice over Internet Protocol

Description:

First 'internet phone' service offered in 1995 by a company called Vocaltec ... Vonage. Skype. Cable Companies (Time Warner, Insight, Comcast, etc.) Cisco CallManager ... – PowerPoint PPT presentation

Number of Views:185
Avg rating:3.0/5.0
Slides: 29
Provided by: fake8
Category:

less

Transcript and Presenter's Notes

Title: VoIP Security Voice over Internet Protocol


1
VoIP Security(Voice over Internet Protocol)
  • Brian Martin
  • Matt Protacio
  • February 28, 2007

2
History of VoIP
  • First internet phone service offered in 1995 by
    a company called Vocaltec
  • Most people didnt yet have broadband, and most
    soundcards were half duplex.
  • First PC to phone service in 1998, followed by
    phone to phone service. Cisco, Nortel, and
    Lucent develop hardware VOIP switches (gateways).
  • VOIP traffic exceeded 3 of voice traffic by 2000

3
History of VoIP (Continued)
  • Around 2004 began mass marketing for digital
    phone service bundled with broadband arranged so
    calls would be received over regular phones.
  • Digital phone services use an adaptor from the
    modem to a phone jack so there is almost no
    difference between that and regular phone
    service. Other services use software clients
    requiring a computer with a microphone.

4
VoIP vs. Old Phones
  • Benefits
  • More efficient bandwidth usage
  • Only one type of network required, data
    abstraction in the network
  • Criticisms
  • 911 localization doesnt always work
  • Phones arent useable in a power outage, unless
    UPS are deployed
  • Fax machines might not work

5
Common VoIP Security Threats
  • VoIP Security Alliance, founded in 2005
  • Threat Taxonomy
  • Forums, Articles
  • Caller misrepresentation, caller id spoofing
  • Unwanted calls, spam or stalking

6
Common VoIP Security Threats (Continued)
  • Traffic Capture
  • Eavesdropping
  • Interception
  • Alteration (conversion quality, content)
  • Black holing
  • Call Hijacking
  • SIP (Session Initiation Protocol) register
    hijacking
  • DoS

7
SIP registration hijacking with SiVuS and a botnet
  • SIP
  • Session Initiation Protocol
  • Application layer control protocol for initiating
    VOIP sessions
  • Control messages were not encrypted and had no
    mechanism to verify integrity
  • So even if registration requires authentication,
    it can be sniffed easily

8
The basic attack plan
  • Both Callers must register with a registrar
    server before a call may be initiated
  • DoS the receiver with zombie minions
  • Deregister him with the registrar
  • Falsify his registration with SiVuS
  • Anyone planning to call him will not know and you
    can try to claim you are the legitimate call
    receiver.
  • Chances are the intended call receiver will not
    notice either

9
(No Transcript)
10
(No Transcript)
11
(No Transcript)
12
Good Ideas
  • If using SIP use TLS
  • Transport Layer Security (encryption, basically)
  • The text based messages of SIP are considered a
    feature though
  • If only VoIP appliances are connected to the the
    network, then no PCs are available to launch
    attacks from.
  • Segregate data and voice to their own Virtual
    Lans (VLANs)
  • Encrypt!!!
  • Prevents voice injections and casual
    eavesdropping
  • Redundant network to deal with DoS.
  • Secure IP-PBX and gateway boxes

13
VoIP Popularity
  • VoIP use has more than doubled in the past year,
    according to Telegeography Research, and experts
    expect the growth to continue.
  • New York Daily News, Februray 26, 2007

14
Popular VoIP Services
  • Enterprise
  • Cisco CallManager
  • Home
  • Vonage
  • Skype
  • Cable Companies (Time Warner, Insight, Comcast,
    etc.)

15
Cisco CallManager
  • Enterprise VoIP Product
  • Marketed towards companies and organizations
    looking to replace legacy PBX (Private Business
    Exchange) systems or install a new IP telephony
    based system

16
Cisco CallManager System Design
  • Phones
  • Deskphones, model 7960
  • Ethernet, PoE (Power over Ethernet)
  • Software Phone
  • IP Communicator
  • Popular for using across a VPN

17
Software Phone IP Communicator
18
Cisco CallManager System Design (continued)
  • Servers
  • CallManager Subscribers and Publishers
  • Windows or Linux Servers running Cisco Software
  • Process all calls
  • Interface with existing PBX systems

19
CallManager Security
  • Multiple VLANs
  • Separate VLANs for Voice and Data
  • Higher Security by isolating voice on separate
    VLAN
  • Primary Protocols
  • SIP
  • H.323

20
H.323 Attack
  • Attacker can exploit the open standard protocol
    to establish malicious phone calls
  • Microsoft Netmeeting can be used to initiate an
    H.323 Phone Call
  • Malicous phone calls can be established to make
    international calls
  • Threat can be eliminated by not allowing
    international dialing on lines from telephone
    company

21
IP Phone Tap
  • Capture IP packets from Phone
  • Use Ethereal network sniffer
  • Extract audio from packets
  • Export audio file of phone call

22
(No Transcript)
23
(No Transcript)
24
(No Transcript)
25
(No Transcript)
26
(No Transcript)
27
Prevent Phone Tapping
  • Encrypt voice traffic
  • Prevent attacker from capturing traffic out of a
    phone
  • Lock down access to network switch phone is
    connected to

28
Conclusion
  • VoIP is established as the future of telephones
  • Security is critical when designing and
    maintaining VoIP systems
  • Questions?
Write a Comment
User Comments (0)
About PowerShow.com