DOCUMENT INFORMATION
Basic information
Format
Number of pages
433
File size
44.23 MB
Content
VISIT US AT
Syngress is committed to publishing high-quality books for IT Professionals and delivering
those books in media and formats that fit the demands of our customers. We are
also committed to extending the utility of the book you purchase via additional materials
available from our Web site.
SOLUTIONS WEB SITE
To register your book, visit www.syngress.com/solutions. Once registered, you can access
our solutions@syngress.com Web pages. There you may find an assortment of value-added
features such as free e-books related to the topic of this book, URLs of related
Web sites, FAQs from the book, corrections, and any updates from the author(s).
ULTIMATE CDs
Our Ultimate CD product line offers our readers budget-conscious compilations of some
of our best-selling backlist titles in Adobe PDF form. These CDs are the perfect way to
extend your reference library on key topics pertaining to your area of expertise,
including Cisco Engineering, Microsoft Windows System Administration, CyberCrime
Investigation, Open Source Security, and Firewall Configuration, to name a
few.
DOWNLOADABLE E-BOOKS
For readers who can't wait for hard copy, we offer most of our titles in downloadable
Adobe PDF form. These e-books are often available weeks before hard copies, and are
priced affordably.
SYNGRESS OUTLET
Our outlet store at syngress.com features overstocked, out-of-print, or slightly hurt
books at significant savings.
SITE LICENSING
Syngress has a well-established program for site licensing our e-books onto servers in
corporations, educational institutions, and large organizations. Contact us at
sales@syngress.com for more information.
CUSTOM PUBLISHING
Many organizations welcome the ability to combine parts of multiple Syngress books, as
well as their own content, into a single volume for their own internal use. Contact us at
sales@syngress.com for more information.
[...]... 1.3 VoIP-Specific Threats
Type of Risk; Threats
VoIP Data and Service Disruption; VoIP Control Packet Flood; VoIP Data and Service Theft; VoIP Call Data Flood; TCP/UDP/ICMP Packet Flood; VoIP Implementation DoS Exploit; OS/Protocol Implementation DoS Exploit; VoIP Protocol DoS Exploit; Wireless DoS Attack; Network Service DoS Attacks; VoIP Application DoS Attacks; VoIP Endpoint PIN Change; VoIP ...

... Packet Replay; VoIP Packet Injection; VoIP Packet Modification; QoS Modification; VLAN Modification; VoIP Social Engineering; Rogue VoIP Device Connection; ARP Cache Poisoning; VoIP Call Hijacking; Network Eavesdropping; VoIP Application Data Theft; Address Spoofing; VoIP Call Eavesdropping
Continued
Introduction to VoIP Security, Chapter 1
Table 1.3 continued VoIP-Specific Threats
Type of Risk; Threats
VoIP Control...

Table 1.2 VoIP-Related Protocols
Acronym; Support VoIP Protocol
RTSP; Real Time Streaming Protocol for media play-out control
RSVP; Resource Reservation Protocol
STUN; Simple Traversal of UDP through NAT
TURN; Traversal Using Relay NAT
ICE; Interactive Connectivity Establishment
SDP; Session Discovery Protocol
TLS; Transport Layer Security

VoIP Isn't Just Another Data Protocol...

... that damage to one network compartment is limited to only that compartment. Data network problems can be segregated from the VoIP network and vice versa. We will talk about this approach in much more detail later in the book.

VoIP Threats
There are a number of ways to classify threats. The most comprehensive list of VoIP threats is maintained by VOIPSA at ...
... organizational location, and a constellation of other personal information. Convergence should simplify telecommunications management. For example, a single management station or cluster can be used to monitor both data and voice components and performance via SNMP. As mentioned earlier in this chapter, directory management will be simplified as well.

VoIP Protocols...

... potentially compromising names, addresses, and social security and driver's license information relating to 310,000 people. Choicepoint, one of the nation's largest information aggregators, allowed criminals to buy the private identity and credit information of more than 150,000 customer accounts. Besides the harm done to Choicepoint's reputation, in late January, 2006, Choicepoint was fined $15 million...

... suffered attacks from viruses or worms that were introduced internally. Viruses and worms account for more security-related financial damage than all other security threats combined. The network traffic generated by these agents as they replicate and seek out other hosts to infect has been shown to wreak havoc with even relatively well-secured data networks. Although these data were derived from reports on data...

... standards, due in part to the rapid evolution in the standards themselves, and due in part to vendors attempting to lock in customers to nonstandard protocol implementations. The consequence of this is that, in some cases, immature (vulnerable) applications reach the market. Vendors are oftentimes only familiar with their specific application's protocol implementation, and when designing a security solution,...
... vendors tout standards to foster interoperability. An additional difference between VoIP and more common protocols is that both major VoIP protocols separate signaling and media on different channels. These channels run over dynamic IP address/port combinations. This has significant security implications that will be detailed later in this book. If you combine this fact (separate signaling and data channels)...

... converging data and voice is that organizational directories often are updated and consolidated as part of the VoIP deployment process. This not only enables economies in and of itself but also makes features such as Push Directories possible. Push is the capability of an application using the WML protocol to send content to the telephone. IP transforms the everyday telephone into an applications-enabled ...

... the Basement
What Is VoIP?
VoIP Benefits
VoIP Protocols
VoIP Isn't Just Another Data Protocol
Security Issues in Converged Networks
VoIP Threats
A New Security Model ...

... Manager, Security Planning and Strategy at Avaya. In that role, Andy drives product security architecture and strategy across Avaya's voice and data communications products. Previously at Avaya, ...

... RSVP Protocol
RSVP Operation
Security Implications for RSVP
SDP
SDP Specifications
SDP Operation
Security Implications for SDP
Skinny
Skinny Specifications