In this excerpt from Chapter 7 of VoIP Security, authors James F. Ransome and John Rittinghouse introduce VoIP security risks and offer a strategy for addressing them.
Organizations that are implementing Voice over IP (VoIP) technologies in a bid to cut
communications costs shouldn't overlook the security risks that can crop up
when the voice and data worlds converge. Most companies implementing
VoIP are concerned about quality-of-service (QoS) considerations, such as
voice quality, latency and interoperability, rather than security.
The convergence of the voice and data worlds — and the inheritance of
IP security risks into the traditional voice side of the network through the
implementation of VoIP — require that VoIP implementation also include
measures such as encrypting voice services, building redundancy into VoIP
networks, locking down VoIP servers and performing regular security
audits to secure the network. As with traditional IP networks, it is also
important that VoIP equipment is properly locked down, placed behind
firewalls, patched against vulnerabilities and frequently monitored using
intrusion-detection systems.
For VoIP security, you want to identify vulnerable areas and then make
the cost of an attack higher than its value to the attacker. The first step is to identify
what you are trying to accomplish when implementing VoIP security measures.
Collectively, this is called risk identification: it establishes what you are
avoiding, preventing, protecting or securing, and why. For instance, you
want to avoid disruptions to your VoIP phone service, prevent unauthorized
calls, protect sensitive phone conversations and records, secure VoIP
servers and other network devices so they don't become launch points for
attacks against other devices, and so on.
The next step is to identify what a potential attacker is trying to accomplish.
For example, what are they after? Are they internal employees, corrupt
administrators, external terrorists or script kiddies? Some examples of
identification of risk are as follows:
- A potential attacker may want to disrupt your business by disrupting
the IP network or causing phone outages. As little as a 200-ms delay
in VoIP traffic flow will cause the conversation to suffer.
- An attacker may want to use your network to make long-distance
phone calls for free, at your cost.
- An attacker may want to obtain confidential, proprietary or insider
information through the capture of voice data. For example, a tool
known as Voice Over Misconfigured Internet Telephones (VOMIT)
doesn't capture VoIP traffic itself but accepts a capture file from a
tool such as tcpdump and converts it to a plain audio file.
- The Address Translation Table tracks IP addresses and phone numbers. This
table can be subverted, leading to improper connections. An attacker may
want to hack into VoIP servers to redirect calls or obtain call details.
There are many reasons why a potential attacker may target your network:
to access your organization's financial data; to make unauthorized
calls on your network so they can save money; or to damage your company
through disruption of key business services. The potential attackers could
be end users, internal or external unauthorized users, disgruntled employees,
competitors and possibly corrupt administrators.
Read the rest of this chapter for an overview of the various VoIP risks, including OS vulnerabilities, toll fraud, SYN flood and DDoS attacks.
Printed with permission from Digital Press, a division of Elsevier. Copyright 2005. For more information about this title, and other similar titles, please visit http://www.books.elsevier.com.