Organizations that are implementing Voice over IP (VoIP) technologies in a bid to cut communications costs shouldn't overlook the security risks that can crop up when the voice and data worlds converge. Most companies implementing VoIP are concerned about quality-of-service (QoS) considerations, such as voice quality, latency and interoperability, rather than security.
The convergence of the voice and data worlds — and the inheritance of IP security risks into the traditional voice side of the network through the implementation of VoIP — require that VoIP implementation also include measures such as encrypting voice services, building redundancy into VoIP networks, locking down VoIP servers and performing regular security audits to secure the network. As with traditional IP networks, it is also important that VoIP equipment is properly locked down, placed behind firewalls, patched against vulnerabilities and frequently monitored using intrusion-detection systems.
For VoIP security, you want to identify vulnerable areas and then make the cost to the attacker higher than the value. The first step is to identify what you are trying to accomplish when implementing VoIP security measures. Collectively, this is called risk identification and identifies what and why you are avoiding, preventing, protecting or securing. For instance, you want to avoid disruptions to your VoIP phone service, prevent unauthorized calls, protect sensitive phone conversations and records, secure VoIP servers and other network devices so they don't become launch points for attacks against other devices, and so on.
The next step is to identify what a potential attacker is trying to accomplish. For example, what are they after? Are they internal employees, corrupt administrators, external terrorists or script kiddies? Some examples of identification of risk are as follows:
- A potential attacker may want to disrupt your business by disrupting the IP network or causing phone outages. As little as a 200-ms delay in VoIP traffic flow will cause the conversation to suffer.
- An attacker may want to use your network to obtain long-distance phone calls free and at your cost.
- An attacker may want to obtain confidential, proprietary or insider information through the capture of voice data. For example, a tool known as Voice Over Misconfigured Internet Telephones (VOMIT) doesn't capture VoIP traffic itself but accepts a capture file from a TCPDUMP, etc., and converts it to a plain audio file.
- The Address Translation Table tracks IPs and phone numbers. This can be subverted and lead to improper connections. An attacker may want to hack into VoIP servers to redirect calls or obtain call details.
There are many reasons why a potential attacker may target your network: to access your organization's financial data; to make unauthorized calls on your network so they can save money; or to damage your company through disruption of key business services. The potential attackers could be end users, internal or external unauthorized users, disgruntled employees, competitors and possibly corrupt administrators.
Read the rest of this chapter for an overview of the various VoIP risks, including OS vulnerabilities, toll fraud, SYN flood and DDoS attacks.
Printed with permission from Digital Press, a division of Elsevier. Copyright 2005. For more information about this title, and other similar titles, please visit http://www.books.elsevier.com.
This was first published in July 2005