VoIP protocols: A technical guide

This guide reviews the two main protocols that power VoIP -- Session Initiation Protocol (SIP) and H.323 -- and their known vulnerabilities, as well as how functional protocol testing ("fuzzing") can help defeat such problems.

Today, many companies are replacing traditional telecommunications services with Voice over Internet Protocol (VoIP), using their own IP network infrastructure to slash phone bills and increase productivity. However, IP telephony terminals, call servers, proxies and gateways create new attack targets, and converged voice/data networks can fall victim to new exploits.

Like all new technologies, VoIP implementations require careful design, testing and analysis to identify and eliminate security vulnerabilities, and reduce the risk of compromise. This guide reviews the two main protocols that power VoIP -- Session Initiation Protocol (SIP) and H.323 -- and their known vulnerabilities, as well as how functional protocol testing ("fuzzing") can help defeat such problems.

 VOIP PROTOCOLS TECHNICAL GUIDE

Check out this full VoIP protocol listing or learn more about VoIP security in this Learning Guide.

ABOUT THE AUTHOR:

 
 

Lisa Phifer is vice president of Core Competence Inc., a consulting firm specializing in network security and management technology. Phifer has been involved in the design, implementation, and evaluation of data communications, internetworking, security, and network management products for nearly 20 years. She teaches about wireless LANs and virtual private networking at industry conferences and has written extensively about network infrastructure and security technologies for numerous publications.
 

 

This was first published in January 2006

Dig deeper on Network Protocols and Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close