Hacking Exposed VoIP
Voice Over IP Security Secrets and Solutions

VoIP is a communications technology that is prone to attacks such as SPIT, Voicemail Brute forcing, Caller ID Spoofing, Registration Hijacking, active directory number harvesting, and more. This book shows you how to proactively fuzz VoIP components for potential vulnerabilities using freely and commercially available tools.

Find out how hackers footprint, scan, enumerate, and pilfer VoIP networks and hardware Fortify Cisco, Avaya, and Asterisk systems Prevent DNS poisoning, DHCP exhaustion, and ARP table manipulation Thwart number harvesting, call pattern tracking, and conversation eavesdropping Measure and maintain VoIP network quality of service and VoIP conversation quality Stop DoS and packet flood-based attacks from disrupting SIP proxies and phones Counter REGISTER hijacking, INVITE flooding, and BYE call teardown attacks Avoid insertion/mixing of malicious audio Learn about voice SPAM/SPIT and how to prevent it Defend against voice phishing and identity theft scams

Part I: Casing the Establishment Chapter 1: Footprinting a VoIP Network Chapter 2: Scanning a VoIP Network Chapter 3: Enumerating a VoIP Network Part II: Exploiting the VoIP Underlying Platforms Chapter 4:
VoIP Network Infrastructure Denial of Service (DoS) Chapter 5: VoIP Network Eavesdropping Chapter 6: VoIP Interception and Modification Part III: Exploiting Specific VoIP Platforms Chapter 7: Cisco Unified CallManager Chapter 8: Avaya Communication Manager Chapter 9: Asterisk Chapter 10: Emerging Softphone Technologies Part IV : VoIP Session and Application Hacking Chapter 11: VoIP Fuzzing Chapter 12: Flood-based Disruption of Service Chapter 13: Signaling and Media Manipulation Part V: Social Threats Chapter 14: SPAM over Internet Technology (SPIT) Chapter 15: Voice Phishing Index