Voice over IP. What You Don t Know Can Hurt You. by Darren Bilby

Similar documents
VoIP Security Threat Analysis

Having fun with RTP Who is speaking???

Security and Lawful Intercept In VoIP Networks. Manohar Mahavadi Centillium Communications Inc. Fremont, California

Firewalls for Secure Unified Communications

SIP and VoIP What is SIP? What s a Control Channel? History of Signaling Channels

Ingate SIParator /Firewall SIP Security for the Enterprise

VoIP. ALLPPT.com _ Free PowerPoint Templates, Diagrams and Charts

VoIP Basics. 2005, NETSETRA Corporation Ltd. All rights reserved.

Modern IP Communication bears risks

Eavesdropping on conversations on a LAN is easier than ever thanks to insecure VoIP installations. you don t

Internet Security. - IPSec, SSL/TLS, SRTP - 29th. Oct Lee, Choongho

IP Possibilities Conference & Expo. Minneapolis, MN April 11, 2007

SIP security and the great fun with Firewall / NAT Bernie Höneisen SURA / ViDe, , Atlanta, GA (USA)


Approaches to Deploying VoIP Technology Instead of PSTN Case Study: Libyan Telephone Company to Facilitate the Internal Work between the Branches

VPN-1 Power/UTM. Administration guide Version NGX R

Gigabit SSL VPN Security Router

GLOSSARY. Advanced Encryption Standard. Cisco Adaptive Security Appliance. Business-to-business. Binary Floor Control Protocol.

Encryption setup for gateways and trunks

Firewalls, Tunnels, and Network Intrusion Detection

Configuring Encryption for Gateways and Trunks

Cisco SPA Line IP Phone Cisco Small Business

This is a sample chapter of WebRTC: APIs and RTCWEB Protocols of the HTML5 Real-Time Web by Alan B. Johnston and Daniel C. Burnett.

Chapter 5. Security Components and Considerations.

NETWORK THREATS DEMAN

5 What two Cisco tools can be used to analyze network application traffic? (Choose two.) NBAR NetFlow AutoQoS Wireshark Custom Queuing

n Learn about the Security+ exam n Learn basic terminology and the basic approaches n Implement security configuration parameters on network

An Overview of the Cisco Unified IP Phone

Allstream NGNSIP Security Recommendations

Ingate Firewall & SIParator Product Training. SIP Trunking Focused

Rab Nawaz Jadoon. Characterizing Network Traffic DCS. Assistant Professor. Department of Computer Science. COMSATS IIT, Abbottabad Pakistan

Troubleshooting Voice Over IP with WireShark

Simple and Powerful Security for PCI DSS

2FXS Analog Telephone Adapter

Reflections on Security Options for the Real-time Transport Protocol Framework. Colin Perkins

ETSF10 Internet Protocols Transport Layer Protocols

Network Security. Thierry Sans

TSIN02 - Internetworking

Customer Guide to Passive VoIP Recording. March

An Overview of the Cisco Unified IP Phone

Exam : Title : Security Solutions for Systems Engineers. Version : Demo

Security Assessment Checklist

Expected Outcomes Able to design the network security for the entire network Able to develop and suggest the security plan and policy

Chapter 11: It s a Network. Introduction to Networking

WHITE PAPER. Session Border Controllers: Helping keep enterprise networks safe TABLE OF CONTENTS. Starting Points

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Understanding Cisco Unified Communications Security

Secure Communications on VoIP Networks

Cisco SPA922 1-Line IP Phone with 2-Port Switch Cisco Small Business IP Phones

CSE543 Computer and Network Security Module: Network Security

RTCWEB Working Group. Media Security: A chat about RTP, SRTP, Security Descriptions, DTLS-SRTP, EKT, the past and the future

An Overview of the Cisco Unified IP Phone

Sipdex M200s IPPBX. Embedded. Support Any IP Phone. Softphone and SIP Client App

Security for SIP-based VoIP Communications Solutions

Distributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013

10 Key Things Your VoIP Firewall Should Do. When voice joins applications and data on your network

6 Voice-over-IP Security

Overview of SIP. Information About SIP. SIP Capabilities. This chapter provides an overview of the Session Initiation Protocol (SIP).

A Review Paper on Voice over Internet Protocol (VoIP)

Chapter 11: Networks

CHAPTER 8 SECURING INFORMATION SYSTEMS

Real-time Communications Security and SDN

Virtual Private Networks.

Improving QoS of VoIP over Wireless Networks (IQ-VW)

Chapter Three test. CompTIA Security+ SYO-401: Read each question carefully and select the best answer by circling it.

Securing VoIP: A Framework to Mitigate or Manage Risks

Location Based Advanced Phone Dialer. A mobile client solution to perform voice calls over internet protocol. Jorge Duda de Matos

Ekiga. Free IP Telephony. LinuxTag 31 May Damien Sandras

IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1

Configuring OpenVPN on pfsense

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

Cisco Technologies, Routers, and Switches p. 1 Introduction p. 2 The OSI Model p. 2 The TCP/IP Model, the DoD Model, or the Internet Model p.

Application Security through a Hacker s Eyes James Walden Northern Kentucky University

Transport Level Security

White Paper. accelerateinnovation. Security Measures for Converged Networks June 2005 Author: Ramana Mylavarapu. security voice wireless

ZyXEL V120 Support Notes. ZyXEL V120. (V120 IP Attendant 1 Runtime License) Support Notes

Multimedia! 23/03/18. Part 3: Lecture 3! Content and multimedia! Internet traffic!

Part 3: Lecture 3! Content and multimedia!

Cisco ATA 191 Analog Telephone Adapter Overview

NETGEAR-FVX Relation. Fabrizio Celli;Fabio Papacchini;Andrea Gozzi

Protocol Layers, Security Sec: Application Layer: Sec 2.1 Prof Lina Battestilli Fall 2017

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28

Cisco Unified Communications Manager Security Guide Copyright 2010 Cisco Systems, Inc. All rights reserved.

Past, Present and Future of IP Telephony

Implementing Cisco Voice Communications & QoS (CVOICE) 8.0 COURSE OVERVIEW: WHO SHOULD ATTEND: PREREQUISITES: Running on UC 9.

Secure Internet Commerce -- Design and Implementation of the Security Architecture of Security First Network Bank, FSB. Abstract

Sample Business Ready Branch Configuration Listings

What is SIP Trunking? ebook

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Security Challenge and Defense in VoIP Infrastructures. David Butcher, Member, IEEE, Xiangyang Li, Member, IEEE, and Jinhua Guo, Member, IEEE

VoIP Security and Mitel IP Telephony Solutions. Dan York Chair, Mitel Product Security Team February 2006

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK

8-Port Telephony Gateway. Higher Density Voice Solution Scales with your Business PRODUCT DATA

Advanced Network Troubleshooting Using Wireshark (Hands-on)

EIP 7012 Essence VoIP Phone Administration Guide Version 1.0B

Securing CS-MARS C H A P T E R

Most Common Security Threats (cont.)

TCP/IP Networking. Training Details. About Training. About Training. What You'll Learn. Training Time : 9 Hours. Capacity : 12

VG422R. User s Manual. Rev , 5

Application Note 3Com VCX Connect with SIP Trunking - Configuration Guide

Transcription:

Voice over IP What You Don t Know Can Hurt You by Darren Bilby

What is VoIP? Voice over Internet Protocol A method for taking analog audio signals, like the kind you hear when you talk on the phone, and turning them into digital data that can be transmitted over the Internet. Also known as: Voice over Packet (VoP) IP Telephony (IPT)

VoIP Trends VOIP becoming more popular and will increase in future Many ISPs and Telco s starting to offer VoIP services Like most other phone calls, it is presumed to be confidential Designed by telephone people with trusted networks in mind

Different Types of VoIP There are many different implementations of VoIP: MSN Firefly Skype Office Phone Replacements Push to Talk Ihug Connect Slingshot italk Different technologies, but most of these do not have security built-in.

Components of a VoIP Implementation Client Voice Gateway Support Servers Voicemail, Proxies, Management Servers

VoIP Clients Hard Phone Soft Phone Analog Telephone Adaptor (ATA)

Protocols and Acronyms

Protocols and Acronyms Signaling Protocol Create, modify, and terminate sessions with participants Conferences Proxies Authentication Transport Protocol Actually sends the data

Protocols and Acronyms ITU H.323 One of the earliest sets of VoIP standards Handles voice, video, and data conferencing Some limitations, but most VoIP traffic utilises this today Session Initiation Protocol (SIP) Signaling protocol RFC 3261 Currently most favored protocol for new systems Realtime Transport Protocol (RTP/RTCP) Used for media transfer by other protocols Fast, scaleable and efficient RTCP manages the call RTP is the voice data

Protocols and Acronyms SCCP (Skinny) Cisco signaling and control protocol Open standard IAX/IAX2 Signaling and control protocol Designed by Asterisk open source project Handles NAT and Firewalls cleanly MGCP (Media Gateway Control Protocol) Signaling and control protocol Reduce traffic between gateways

Why is VoIP Security a Problem? Pranks Eavesdropping and Recording Phone Calls Track Calls Stealing Confidential Information Modifying Phone Calls Making Free Phone Calls Board Room Bugging Sending Spam

VoIP Security Scenarios

Scenario 1 Industrial Information Gathering Employee uses the VOIP network to listen to the managing director s phone calls Gains access to personal details Forwards information about business deals to competitors

Demo Cain http://www.oxid.it/ Voice over Misconfigured IP Telephony (Vomit) http://vomit.xtdnet.nl/

Scenario 2 The Fraud Employee uses ARP redirection in a large office to record all voice conversations Leaves it recording and logging for a week Then uses DTMF decoder to get access to other employees bank details, voice mailboxes etc Phone banking Voice Mail

Scenario 3 The Industrial Spy Evil Russian hacker is hired by a competitor to gain knowledge of business strategies. Hacker sends secretary a link to FunnyGame.exe, pretending to be an associate. Hacker sets boardroom IP phone in speakerphone mode, and calls a phone he controls thus recording boardroom meetings.

Scenario 4 Hacking Phones with IE Phones are standard IP devices HTTP, Telnet, SNMP There are vulnerabilities in these devices Password security Hacker scans the Internet looking for vulnerable phones Hacker then uses the phones to call 0900 numbers which she gets paid for

Demo

Okay So How Do We Secure It? Secure the Devices Network Segregation Encrypt the Traffic Intrusion Detection

Secure the Devices

Secure the Devices Don t expose anything to the Internet that doesn t need to be! Patch and secure VoIP servers Patch phones Train your telephony staff in security practice This is a really bad idea!

Network Segregation

Network Segregation Problem: Malicious devices can sniff voice traffic Use switches Hacker can use ARP redirection or MAC overflow to turn switch into HUB Use separate Voice and Data VLANS Management overhead Put a HUB in the phone Now we can t VLAN Make phone smarter, teach it about VLAN s Hacker can now attack any VLAN from his phone port. But safe from remote attackers

Network Segregation

Network Segregation Try to stop malicious connections to your network Disable switch ports not in use Restrict access to switch by MAC address Implement Sticky MAC All have management overhead and are not really secure

Network Segregation Firewalls, Routers and Smart Switches Use Voice VLAN Only allow the required traffic from one interface to another Reduce DoS risk Integrated solutions eg Cisco

Encrypt the Traffic

Encrypt the Traffic Wrap an insecure protocol in a secure one IPSEC Other VPN Use a secure protocol Secure Call Setup eg SIP TLS SRTP Cisco designed protocol for encrypting RTP traffic

SRTP - Secure Real-time Transport Protocol RTP/RTCP extension End to End Designed by Cisco IETF RFC 3711 Adds Confidentiality (AES128) Message authentication (HMAC-SHA1) Replay protection Doesn t effect compression or QoS Scales well

Encryption Requires Authentication SRTP Does not define authentication Pre Shared Keys Custom SIP headers MIKEY (Multimedia Internet KEYing) Certificates preloaded on phones

SRTP Can I Use It? Currently known support by Sipura, Zultys, Avaya and Cisco Cisco support on Call Manager 4.0 Currently only high end phones 7940, 7960 and 7970

Intrusion Detection

Intrusion Detection Benefits of VLAN IDS monitoring can be accurate Very limited traffic on the network ARP Inspection at a minimum

Securing VoIP Summary Secure Phones and Management Devices Segregate your network using VLANs and firewalls Only buy devices that support SRTP and push your vendors for support Use Intrusion Detection where possible Consider VoIP security overhead before deciding

Other VoIP Issues

Other VoIP Issues - Caller ID Spoofing CID is often used for authentication Voicemail systems Makes social engineering a lot easier But, high barrier to entry: Access to direct connection with Telco eg E1 Access to misconfigured VoIP provider Multiple companies are now offering caller ID spoofing: - CovertCall - PI Phone - Star38 - Us Tracers - Camophone - Telespoof

Skype

Other VoIP Issues - Skype Proprietary VOIP system for calls over the Internet Free and simple to use Developed by the creators of KaZaA NAT and Firewall traversal File transfer

Other VoIP Issues - Skype Ref: "An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol Salman A. Baset and Henning Schulzrinne

Skype Security Concerns Claims AES 128bit encryption - unverifiable Skype may have the ability to decrypt all voice traffic Same developers as KaZaA, known for spyware Cannot stop client becoming a Supernode Client allows file transfer, even through firewalls, an access path for malicious code, information leakage Client can update itself automatically

Good Sites For Learning More Some good links for learning more about VoIP Voip-Info.org http://www.voip-info.org VoP Security http://www.vopsecurity.org Cain and Abel http://www.oxid.it Vomit http://vomit.xtdnet.nl/

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback