SearchSecurity Technical

VoIP protocols: A technical guide

    Requires Free Membership to View

Today, many companies are replacing traditional telecommunications services with Voice over Internet Protocol (VoIP), using their own IP network infrastructure to slash phone bills and increase productivity. However, IP telephony terminals, call servers, proxies and gateways create new attack targets, and converged voice/data networks can fall victim to new exploits.

Like all new technologies, VoIP implementations require careful design, testing and analysis to identify and eliminate security vulnerabilities, and reduce the risk of compromise. This guide reviews the two main protocols that power VoIP -- Session Initiation Protocol (SIP) and H.323 -- and their known vulnerabilities, as well as how functional protocol testing ("fuzzing") can help defeat such problems.


Check out this full VoIP protocol listing or learn more about VoIP security in this Learning Guide.



Lisa Phifer is vice president of Core Competence Inc., a consulting firm specializing in network security and management technology. Phifer has been involved in the design, implementation, and evaluation of data communications, internetworking, security, and network management products for nearly 20 years. She teaches about wireless LANs and virtual private networking at industry conferences and has written extensively about network infrastructure and security technologies for numerous publications.


This was first published in January 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: