Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures
Authors: Peter Thermos and Ari Takanen
Pages: 384
Publisher: Addison-Wesley Professional
ISBN: 0321437349
A sample chapter is available for download here.
Introduction
With the proliferation of VoIP networks and a substantial amount of FUD (Fear, Uncertainty and Doubt) that surrounds the process of implementing security on these networks, this book couldn’t have arrived on the shelves at a better time.
Written by two industry veterans, it promises to deliver quality information regarding threats, vulnerabilities as well as the very important countermeasures. Read on to discover what you can find in this title.
About the authors
Peter Thermos, Principal, Telcordia Technologies, has been providing consulting in the area of information security to commercial and government organizations for more than a decade.
Ari Takanen is a founder and CTO of Codenomicon Ltd. He is a distinctive member of the global security testing community and a regular speaker at various testing and security conferences.
Inside the book
Before digging deep into security problems, the authors outline the challenges related to VoIP security and a offer a brief risk analysis. This enables you to quickly grasp the big picture and see what type of questions your organization needs to answer to ensure the delivery of a proper security process.
The authors deliver a brief overview of VoIP architecture and protocols before moving on to discuss the various threats and attacks specific to VoIP. Here you learn about service disruption, eavesdropping and traffic analysis, masquerading and impersonation, unauthorized access and fraud. Not surprisingly, Denial of Service is still a major problem.
Practical readers will be satisfied since several techniques and tools are presented and the text is complemented with informative screenshots and figures which make the material easier to understand. Some of the covered tools are Wireshark, Cain & Abel and SiVuS.
In order to be able to secure VoIP networks you need to be aware of the plethora of vulnerabilities out there. Outlined in this book are several vulnerability categories, approaches to vulnerability analysis and noted briefly also human behavior vulnerabilities, a category that should never be underestimated. The essence of this part of the book is understanding the importance of configuration management and vulnerability analysis.
Next you find out details about popular signaling protocols, media protection mechanisms and key management mechanisms. The authors offer a substantial amount of technical details combined with helpful recommendations.
What follows are network security controls that can be used to protect a VoIP deployment as well as a security framework for the big guys, I mean enterprise VoIP networks. In case it hasn’t dawned on you before, after reading these chapters you’ll realize that securing VoIP networks is a complex task and that this book will be near your desk if you start working on a VoIP-related project.
Final thoughts
This book is aimed at an audience of security professionals that like to venture into technical material. The authors manage to get the most important message through – when deploying VoIP networks, you need to tailor security practices based on your needs from the very beginning. Defense in-depth is the only way to be sure your VoIP networks are ready to face the plethora of possible attacks and this book is a good starting point to get acquainted with all the angles.