Securing VoIP
Securing VoIP

Author: Regis J. Jr (Bud) Bates

Publisher: Elsevier

Published: 2014-11-14

Total Pages: 222

ISBN-13: 0124171222

DOWNLOAD EBOOK

Securing VoIP: Keeping Your VoIP Network Safe will show you how to take the initiative to prevent hackers from recording and exploiting your company's secrets. Drawing upon years of practical experience and using numerous examples and case studies, technology guru Bud Bates discusses the business realities that necessitate VoIP system security and the threats to VoIP over both wire and wireless networks. He also provides essential guidance on how to conduct system security audits and how to integrate your existing IT security plan with your VoIP system and security plans, helping you prevent security breaches and eavesdropping. - Explains the business case for securing VoIP Systems - Presents hands-on tools that show how to defend a VoIP network against attack. - Provides detailed case studies and real world examples drawn from the authors' consulting practice. - Discusses the pros and cons of implementing VoIP and why it may not be right for everyone. - Covers the security policies and procedures that need to be in place to keep VoIP communications safe.

Securing VoIP Networks
Securing VoIP Networks

Author: Peter Thermos

Publisher: Pearson Education

Published: 2007-08-01

Total Pages: 606

ISBN-13: 0132702304

DOWNLOAD EBOOK

In Securing VoIP Networks, two leading experts systematically review the security risks and vulnerabilities associated with VoIP networks and offer proven, detailed recommendations for securing them. Drawing on case studies from their own fieldwork, the authors address VoIP security from the perspective of real-world network implementers, managers, and security specialists. The authors identify key threats to VoIP networks, including eavesdropping, unauthorized access, denial of service, masquerading, and fraud; and review vulnerabilities in protocol design, network architecture, software, and system configuration that place networks at risk. They discuss the advantages and tradeoffs associated with protection mechanisms built into SIP, SRTP, and other VoIP protocols; and review key management solutions such as MIKEY and ZRTP. Next, they present a complete security framework for enterprise VoIP networks, and provide detailed architectural guidance for both service providers and enterprise users. 1 Introduction 2 VoIP Architectures and Protocols 3 Threats and Attacks 4 VoIP Vulnerabilites 5 Signaling Protection Mechanisms 6 Media Protection Mechanisms 7 Key Management Mechanisms 8 VoIP and Network Security Controls 9 A Security Framework for Enterprise VoIP Networks 10 Provider Architectures and Security 11 Enterprise Architectures and Security

Practical VoIP Security
Practical VoIP Security

Author: Thomas Porter CISSP CCNP CCDA CCS

Publisher: Elsevier

Published: 2006-03-31

Total Pages: 592

ISBN-13: 0080489559

DOWNLOAD EBOOK

Voice Over IP (VoIP) phone lines now represent over 50% of all new phone line installations. Every one of these new VoIP phone lines and handsets must now be protected from malicious hackers because these devices now reside on the network and are accessible from the Internet just like any server or workstation.This book will cover a wide variety of the publicly available exploit tools and how they can be used specifically against VoIP (Voice over IP) Telephony systems. The book will cover the attack methodologies that are used against the SIP and H.323 protocols as well as VoIP network infrastructure. Significant emphasis will be placed on both attack and defense techniques. This book is designed to be very hands on and scenario intensive· More VoIP phone lines are being installed every day than traditional PBX phone lines· VoIP is vulnerable to the same range of attacks of any network device· VoIP phones can receive as many Spam voice mails as your e-mail can receive Spam e-mails, and as result must have the same types of anti-spam capabilities

Hacking VoIP
Hacking VoIP

Author: Himanshu Dwivedi

Publisher: No Starch Press

Published: 2009

Total Pages: 236

ISBN-13: 1593271638

DOWNLOAD EBOOK

Voice over Internet Protocol (VoIP) networks, the technology used to place phone calls through the Internet, suffer from the same security holes as standard IP networks. This book reviews the many possible VoIP attacks, and discusses the best defenses against them.

How to Cheat at VoIP Security
How to Cheat at VoIP Security

Author: Thomas Porter CISSP CCNP CCDA CCS

Publisher: Syngress

Published: 2011-04-18

Total Pages: 433

ISBN-13: 0080553532

DOWNLOAD EBOOK

The Perfect Reference for the Multitasked SysAdminThis is the perfect guide if VoIP engineering is not your specialty. It is the perfect introduction to VoIP security, covering exploit tools and how they can be used against VoIP (Voice over IP) systems. It gives the basics of attack methodologies used against the SIP and H.323 protocols as well as VoIP network infrastructure. * VoIP Isn't Just Another Data ProtocolIP telephony uses the Internet architecture, similar to any other data application. However, from a security administrator's point of view, VoIP is different. Understand why. * What Functionality Is Gained, Degraded, or Enhanced on a VoIP Network?Find out the issues associated with quality of service, emergency 911 service, and the major benefits of VoIP.* The Security Considerations of Voice MessagingLearn about the types of security attacks you need to protect against within your voice messaging system.* Understand the VoIP Communication ArchitecturesUnderstand what PSTN is and what it does as well as the H.323 protocol specification, and SIP Functions and features.* The Support Protocols of VoIP EnvironmentsLearn the services, features, and security implications of DNS, TFTP, HTTP, SNMP, DHCP, RSVP, SDP, and SKINNY.* Securing the Whole VoIP InfrastructureLearn about Denial-of-Service attacks, VoIP service disruption, call hijacking and interception, H.323-specific attacks, and SIP-specific attacks.* Authorized Access Begins with AuthenticationLearn the methods of verifying both the user identity and the device identity in order to secure a VoIP network.* Understand Skype SecuritySkype does not log a history like other VoIP solutions; understand the implications of conducting business over a Skype connection.* Get the Basics of a VoIP Security PolicyUse a sample VoIP Security Policy to understand the components of a complete policy. - Provides system administrators with hundreds of tips, tricks, and scripts to complete administration tasks more quickly and efficiently - Short on theory, history, and technical data that ultimately is not helpful in performing their jobs - Avoid the time drains associated with securing VoIP

Understanding Voice Over IP Security
Understanding Voice Over IP Security

Author: Alan B. Johnston

Publisher: Artech House Publishers

Published: 2006

Total Pages: 296

ISBN-13:

DOWNLOAD EBOOK

VoIP (voice over IP) networks are currently being deployed by enterprises, governments, and service providers around the globe. Today, the hottest topic with engineers in the field is how to secure these networks. The book teaches practitioners how to design a highly secure VoIP network, explains Internet security basics, such as attack types and methods, and more.

Voice over IP Security
Voice over IP Security

Author: Angelos D. Keromytis

Publisher: Springer Science & Business Media

Published: 2011-03-30

Total Pages: 96

ISBN-13: 1441998667

DOWNLOAD EBOOK

Voice over IP (VoIP) and Internet Multimedia Subsystem technologies (IMS) are rapidly being adopted by consumers, enterprises, governments and militaries. These technologies offer higher flexibility and more features than traditional telephony (PSTN) infrastructures, as well as the potential for lower cost through equipment consolidation and, for the consumer market, new business models. However, VoIP systems also represent a higher complexity in terms of architecture, protocols and implementation, with a corresponding increase in the potential for misuse. In this book, the authors examine the current state of affairs on VoIP security through a survey of 221 known/disclosed security vulnerabilities in bug-tracking databases. We complement this with a comprehensive survey of the state of the art in VoIP security research that covers 245 papers. Juxtaposing our findings, we identify current areas of risk and deficiencies in research focus. This book should serve as a starting point for understanding the threats and risks in a rapidly evolving set of technologies that are seeing increasing deployment and use. An additional goal is to gain a better understanding of the security landscape with respect to VoIP toward directing future research in this and other similar emerging technologies.

Hacking Exposed Unified Communications & VoIP Security Secrets & Solutions, Second Edition
Hacking Exposed Unified Communications & VoIP Security Secrets & Solutions, Second Edition

Author: Mark Collier

Publisher: McGraw Hill Professional

Published: 2013-12-20

Total Pages: 561

ISBN-13: 0071798773

DOWNLOAD EBOOK

The latest techniques for averting UC disaster Establish a holistic security stance by learning to view your unified communications infrastructure through the eyes of the nefarious cyber-criminal. Hacking Exposed Unified Communications & VoIP, Second Edition offers thoroughly expanded coverage of today’s rampant threats alongside ready-to deploy countermeasures. Find out how to block TDoS, toll fraud, voice SPAM, voice social engineering and phishing, eavesdropping, and man-in-the-middle exploits. This comprehensive guide features all-new chapters, case studies, and examples. See how hackers target vulnerable UC devices and entire networks Defend against TDoS, toll fraud, and service abuse Block calling number hacks and calling number spoofing Thwart voice social engineering and phishing exploits Employ voice spam mitigation products and filters Fortify Cisco Unified Communications Manager Use encryption to prevent eavesdropping and MITM attacks Avoid injection of malicious audio, video, and media files Use fuzzers to test and buttress your VoIP applications Learn about emerging technologies such as Microsoft Lync, OTT UC, other forms of UC, and cloud and WebRTC

Packet Guide to Voice over IP
Packet Guide to Voice over IP

Author: Bruce Hartpence

Publisher: "O'Reilly Media, Inc."

Published: 2013-02-26

Total Pages: 243

ISBN-13: 1449339638

DOWNLOAD EBOOK

Go under the hood of an operating Voice over IP network, and build your knowledge of the protocols and architectures used by this Internet telephony technology. With this concise guide, you’ll learn about services involved in VoIP and get a first-hand view of network data packets from the time the phones boot through calls and subsequent connection teardown. With packet captures available on the companion website, this book is ideal whether you’re an instructor, student, or professional looking to boost your skill set. Each chapter includes a set of review questions, as well as practical, hands-on lab exercises. Learn the requirements for deploying packetized voice and video Understand traditional telephony concepts, including local loop, tip and ring, and T carriers Explore the Session Initiation Protocol (SIP), VoIP’s primary signaling protocol Learn the operations and fields for VoIP’s standardized RTP and RTCP transport protocols Delve into voice and video codecs for converting analog data to digital format for transmission Get familiar with Communications Systems H.323, SIP’s widely used predecessor Examine the Skinny Client Control Protocol used in Cisco VoIP phones in networks around the world

Information Systems Security
Information Systems Security

Author: Atul Prakash

Publisher: Springer Science & Business Media

Published: 2009-11-24

Total Pages: 338

ISBN-13: 3642107710

DOWNLOAD EBOOK

This book constitutes the refereed proceedings of the 5th International Conference on Information Systems Security, ICISS 2009, held in Kolkata, India, in December 2009. The 17 revised full papers and 4 short papers, presented together with 4 keynote talks were carefully reviewed and selected from 85 initial submissions. The papers are organized in topical sections on authentication, verification, systems security, behavior analysis, database security, and cryptography.