Practical VoIP Security

Voice Over IP (VoIP) phone lines must be protected from malicious hackers because these devices reside on the network. This book covers a variety of the publicly available exploit tools and how they can be used specifically against VoIP (Voice over IP) Telephony systems.

Voice Over IP (VoIP) phone lines now represent over 50 per cent of all new phone line installations. Every one of these new VoIP phone lines and handsets must now be protected from malicious hackers because these devices now reside on the network and are accessible from the Internet just like any server or workstation. This book will cover a wide variety of the publicly available exploit tools and how they can be used specifically against VoIP (Voice over IP) Telephony systems. The book will cover the attack methodologies that are used against the SIP and H.323 protocols as well as VoIP network infrastructure. Significant emphasis will be placed on both attack and defense techniques. This book is designed to be very hands on and scenario intensive. More VoIP phone lines are being installed every day than traditional PBX phone lines. VoIP is vulnerable to the same range of attacks of any network device. VoIP phones can receive as many Spam voice mails as your e-mail can receive Spam e-mails, and as result must have the same types of anti-spam capabilities.

1. Introduction 2. Architectures 3. Hardware 4. Protocols 5. Support Protocols 6. Protocol Security 7. Threats 8. Solutions Overview 9. Reuse Existing Security Infrastructure Wisely 10. Confirm User Identity 11. Active Security Monitoring 12. Logical Segregation 13. Encryption 14. A Note on Regulatory Compliance 15. Recommendations 17. Appendix A: Access List Guidelines