voip security voice over internet protocol n.
Skip this Video
Loading SlideShow in 5 Seconds..
VoIP Security (Voice over Internet Protocol) PowerPoint Presentation
Download Presentation
VoIP Security (Voice over Internet Protocol)

VoIP Security (Voice over Internet Protocol)

387 Vues Download Presentation
Télécharger la présentation

VoIP Security (Voice over Internet Protocol)

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. VoIP Security(Voice over Internet Protocol) Brian Martin Matt Protacio February 28, 2007

  2. History of VoIP • First “internet phone” service offered in 1995 by a company called Vocaltec • Most people didn’t yet have broadband, and most soundcards were half duplex. • First PC to phone service in 1998, followed by phone to phone service. Cisco, Nortel, and Lucent develop hardware VOIP switches (gateways). • VOIP traffic exceeded 3% of voice traffic by 2000

  3. History of VoIP (Continued) • Around 2004 began mass marketing for “digital phone” service bundled with broadband arranged so calls would be received over regular phones. • “Digital phone” services use an adaptor from the modem to a phone jack so there is almost no difference between that and regular phone service. Other services use software clients requiring a computer with a microphone.

  4. VoIP vs. Old Phones • Benefits: • More efficient bandwidth usage • Only one type of network required, data abstraction in the network • Criticisms: • 911 localization doesn’t always work • Phones aren’t useable in a power outage, unless UPS are deployed • Fax machines might not work

  5. Common VoIP Security Threats • VoIP Security Alliance, founded in 2005 • Threat Taxonomy • Forums, Articles • Caller misrepresentation, caller id spoofing • Unwanted calls, spam or stalking

  6. Common VoIP Security Threats (Continued) • Traffic Capture • Eavesdropping • Interception • Alteration (conversion quality, content) • Black holing • Call Hijacking • SIP (Session Initiation Protocol) register hijacking • DoS

  7. SIP registration hijacking with SiVuS and a botnet • SIP • Session Initiation Protocol • Application layer control protocol for initiating VOIP sessions • Control messages were not encrypted and had no mechanism to verify integrity • So even if registration requires authentication, it can be sniffed easily

  8. The basic attack plan • Both Callers must register with a registrar server before a call may be initiated • DoS the receiver with zombie minions • Deregister him with the registrar • Falsify his registration with SiVuS • Anyone planning to call him will not know and you can try to claim you are the legitimate call receiver. • Chances are the intended call receiver will not notice either

  9. Good Ideas • If using SIP use TLS • Transport Layer Security (encryption, basically) • The text based messages of SIP are considered a feature though • If only VoIP appliances are connected to the the network, then no PCs are available to launch attacks from. • Segregate data and voice to their own Virtual Lans (VLANs) • Encrypt!!! • Prevents voice injections and casual eavesdropping • Redundant network to deal with DoS. • Secure IP-PBX and gateway boxes

  10. VoIP Popularity • “VoIP use has more than doubled in the past year, according to Telegeography Research, and experts expect the growth to continue.” • New York Daily News, Februray 26, 2007

  11. Popular VoIP Services • Enterprise • Cisco CallManager • Home • Vonage • Skype • Cable Companies (Time Warner, Insight, Comcast, etc.)

  12. Cisco CallManager • Enterprise VoIP Product • Marketed towards companies and organizations looking to replace legacy PBX (Private Business Exchange) systems or install a new IP telephony based system

  13. Cisco CallManager System Design • Phones • Deskphones, model 7960 • Ethernet, PoE (Power over Ethernet) • Software Phone • IP Communicator • Popular for using across a VPN

  14. Software Phone: IP Communicator

  15. Cisco CallManager System Design (continued) • Servers • CallManager Subscribers and Publishers • Windows or Linux Servers running Cisco Software • Process all calls • Interface with existing PBX systems

  16. CallManager Security • Multiple VLANs • Separate VLANs for Voice and Data • Higher Security by isolating voice on separate VLAN • Primary Protocols • SIP • H.323

  17. H.323 Attack • Attacker can exploit the open standard protocol to establish malicious phone calls • Microsoft Netmeeting can be used to initiate an H.323 Phone Call • Malicous phone calls can be established to make international calls • Threat can be eliminated by not allowing international dialing on lines from telephone company

  18. IP Phone Tap • Capture IP packets from Phone • Use Ethereal network sniffer • Extract audio from packets • Export audio file of phone call

  19. Prevent Phone Tapping • Encrypt voice traffic • Prevent attacker from capturing traffic out of a phone • Lock down access to network switch phone is connected to

  20. Conclusion • VoIP is established as the future of telephones • Security is critical when designing and maintaining VoIP systems Questions?