VoIP undoubtedly has the potential to effect huge savings on call charges, infrastructure, and maintenance. However, it still has to assure IT administrators that it can offer a level of security similar to that offered by traditional telephony. The concerns arise from the fact that VoIP uses Ethernet and is therefore susceptible to DoS, interception, spamming, etc.
As compared to data networks, phone systems may be difficult to patch. VoIP phones are susceptible to Address Resolution Protocol spoofing that can lead to illegal tapping and crashing of the VoIP phone. According to tests conducted by Secure Test, the Cisco 7900 series phones are vulnerable when running the default Skinny protocol and can be crashed easily.
An attacker can use a PC attached to the VoIP network and send a stream of malformed messages that can result in a buffer overflow and crash the instrument. If such an attack were to be performed on a switchboard network, it would be possible for an attacker to disable the network in a matter of minutes. VoIP enables routers are also susceptible to DoS attacks. A large message in which the number of characters exceeds 50,000 can sometimes cause every phone on the VoIP network to reboot.
Prevention of tapping in PSTN networks is more a question of maintaining physical security whereas VoIP data, if unencrypted, can be intercepted by any other phone on the network. It is important that VoIP phones support the secure RTP protocols required to ensure default encryption of data. The attacks on a VoIP network can be carried out remotely with the help of Trojans that may be distributed via a PC connected to the VoIP network.
As compared to data networks, phone systems may be difficult to patch. VoIP phones are susceptible to Address Resolution Protocol spoofing that can lead to illegal tapping and crashing of the VoIP phone. According to tests conducted by Secure Test, the Cisco 7900 series phones are vulnerable when running the default Skinny protocol and can be crashed easily.
An attacker can use a PC attached to the VoIP network and send a stream of malformed messages that can result in a buffer overflow and crash the instrument. If such an attack were to be performed on a switchboard network, it would be possible for an attacker to disable the network in a matter of minutes. VoIP enables routers are also susceptible to DoS attacks. A large message in which the number of characters exceeds 50,000 can sometimes cause every phone on the VoIP network to reboot.
Prevention of tapping in PSTN networks is more a question of maintaining physical security whereas VoIP data, if unencrypted, can be intercepted by any other phone on the network. It is important that VoIP phones support the secure RTP protocols required to ensure default encryption of data. The attacks on a VoIP network can be carried out remotely with the help of Trojans that may be distributed via a PC connected to the VoIP network.
Tags:
0 Responses to “VoIP Security Issues”
Post a Comment