VoIP Threats and Attacks - PowerPoint PPT Presentation

About This Presentation
Title:

VoIP Threats and Attacks

Description:

VoIP Threats and Attacks Alan Johnston VoIP as an Application VoIP is an Internet Application Subject to both voice specific AND Internet ... – PowerPoint PPT presentation

Number of Views:76
Avg rating:3.0/5.0
Slides: 11
Provided by: AlanJo4
Learn more at: https://www.ietf.org
Category:

less

Transcript and Presenter's Notes

Title: VoIP Threats and Attacks


1
VoIP Threats and Attacks
  • Alan Johnston ltalan_at_sipstation.comgt

2
VoIP as an Application
  • VoIP is an Internet Application
  • Subject to both voice specific AND Internet
    attacks
  • E.g. flooding DoS attack could be INVITEs or TCP
    SYN packets
  • Need to secure each layer independently
  • Defense in Depth
  • This Presentation uses VOIPSA (http//www.voipsa.o
    rg) VoIP Security and Privacy Threat Taxonomy
    as outline

3
Eavesdropping Threats
  • Call Pattern Tracking
  • Besides signaling, DNS queries can reveal
    information
  • Traffic Capture
  • Number Harvesting
  • E.g. ENUM with Contact URIs or AORs with
    identifying information
  • Conversation Reconstruction
  • If Perfect Forward Secrecy (PFS) is not used,
    content can be stored for later decryption
  • Voicemail Reconstruction
  • Current low levels of authentication
  • Fax Reconstruction
  • Video Reconstruction
  • Text Reconstruction

4
Interception and Modification
  • Call Black Holing
  • Authentication of responses critical
  • Call Rerouting
  • How many intermediaries
  • Fax Alteration
  • Conversation Alteration
  • Authentication of RFC 2833 DTMF tones
  • Conversation Degrading
  • RTCP protection as well as RTP
  • Conversation Impersonation and Hijacking
  • Human to human authentication a la ZRTP
  • False Caller Identification
  • Trivial in PSTN today, commonplace in email
  • Who is asserting identity as important as what
    identity is being asserted
  • See RFC 4474 to see how to do this correctly

5
Intentional Interruption of Service
  • Denial of Service
  • Centralized servers make for better DoS targets
    (e.g. SBCs)
  • Request Flooding
  • User Call Flooding
  • User Call Flooding Overflowing to Other Devices
  • Overload voice mail storage
  • Endpoint Request Flooding
  • Endpoint Request Flooding after Call Setup
  • Call Controller Flooding
  • Request Looping
  • Setting Max-Forwards to 69
  • Directory Service Flooding
  • DNS and ARP poisoning

6
Interruption of Service Continued
  • Malformed Requests and Messages
  • Disabling Endpoints with Invalid Requests
  • Injecting Invalid Media into Call Processor
  • Malformed Protocol Messages
  • For SIP, see RFC 4475 Torture Tests
  • QoS Abuse
  • QoS can easily work both ways
  • Spoofed Messages
  • Faked Call Teardown Message
  • Faked Response
  • Call Hijacking
  • Registration Hijacking
  • Digest does not provide registration
    authentication
  • Media Session Hijacking
  • Server Masquerading

7
Interruption of Service Continued
  • Network Services DoS
  • Underlying Operating System/Firmware DoS
  • Distributed Denial of Service
  • Use ICE for media authorization to avoid
    accidental media DoS
  • Other Interruptions of Service
  • Loss of Power
  • Resource Exhaustion
  • Performance Latency and Metrics

8
Non-Technical Threats
  • Social Threats
  • Misrepresentation
  • Misrepresenting Identity
  • Misrepresenting Authority
  • Misrepresenting Rights
  • Misrepresenting Content
  • Theft of Services
  • Unwanted Contact
  • Harrassment
  • Extortion
  • Unwanted Lawful Content Including VoIP SPAM and
  • Other Subjectively Offensive Content
  • Service Abuse
  • Physical Intrusion

9
Selected SIP Specific Topics
  • ACK and CANCEL can not be authenticated by
    challenge
  • Require Offer/Answer in INVITE/200 OK
  • Ignore CANCELs
  • Non-symmetric routing makes response
    authentication extremely difficult
  • Use rport or connection-reuse
  • Certificates are good unless
  • Not properly validated
  • Not properly correlated to host names

10
Summary
  • VoIP is a new application
  • New is not good in security terms
  • VoIP devices and software are new
  • Security standards are still being developed in
    IETF
  • Secure RTP media
  • Usage of Secure SIP and TLS
  • VoIP threats are much more Internet than PSTN
Write a Comment
User Comments (0)
About PowerShow.com