Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker VoIP Hacking Module XXXVIII Page | 2972 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Module XXXVIII VoIP Hacking Ethical Hacking and Countermeasures Version 6 Ethical Hacking and Countermeasures v6 Module XXXVIII: VoIP Hacking Exam 312-50 Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker VoIP Hacking Module XXXVIII Page | 2973 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited News Source: http://www.itbusinessedge.com/  News VoIP technology does not yet have proper security measures. VoIP security is still falling short due to various reasons. The use of Unified Communications and Session Initiation Protocol (SIP) trunking will cause Denial of Service (DoS) and Distributed Denial of Service attacks (DDoS) attacks. The other kinds of attacks are eavesdropping and the launch of botnets due to Microsoft Office Communication Server (OCS) 2007. The main threats to VoIP are vishing and phreaking. When hackers set up their own IP PBXs, they can perform attacks such as VoIP phishing (vishing). Another attack, phreaking, is when a call is made illegally and without payment. Hackers can also take advantage of voice infrastructures like PBX, voicemail platforms, modems, and fax lines. Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker VoIP Hacking Module XXXVIII Page | 2974 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Module Objective • VoIP • VoIP Hacking Steps • Footprinting • Scanning • Enumeration • Exploiting The Network • Covering The Tracks This module will familiarize you with: Module Objective This module will familiarize you with VoIP Hacking. The topics discussed in this module are:  What is VoIP?  VoIP Hacking Steps  Footprinting  Scanning  Enumeration  Exploiting the Network  Covering the Tracks Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker VoIP Hacking Module XXXVIII Page | 2975 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Module Flow What is VoIP Footprinting Scanning Enumeration Exploiting The Network Covering The Tracks VoIP Hacking Steps Module Flow Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker VoIP Hacking Module XXXVIII Page | 2976 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited What is VoIP Voice Over Internet Protocol (VoIP) refers to transmission of voice over IP based networks Also known as “packet telephony” Uses IP protocol to route voice traffic Voice is compressed using CODECS-hence bandwidth is utilized efficiently Renowned for its low cost and advantageous to customers in case of long distance calls  What is VoIP? Voice over Internet Protocol (VoIP) is a technology that provides telephonic services over the Internet. It uses the Internet Broadband connection for applications, such as:  Telephony  Voice instant messaging  Teleconferencing Voice transmission becomes very easy using the IP protocol. For data transmission, the analog voice signal is converted into digital signal using CODECS, which compresses the voice. Compressing the voice makes its transmission over the Internet easy and fast. Also, the bandwidth used is comparatively less when compared to transmission without the compression of voice. VoIP is widely used due to its low charges, especially for long distance calls. VoIP is also known as packet telephony because the analog voice signal is first digitized and packetized. The packets transmitted over the Internet take different paths to reach the target where they are rearranged with the help of headers, and decompressed to extract the original message. This proves to be more economical and fast when compared to the conventional circuit switching used in Public Switched Telephone Network (PSTN). VoIP is also known as:  Internet telephony  Broadband telephony  IP telephony  Broadband phone VoIP contains many other value added features absent in the traditional telephone technologies. It supports converged networking. This is one of its major advantages as this enables voice, video, and data to be transmitted simultaneously. This technology is useful in conferencing. Such technique is called V/V/D (Voice/Video/Data) convergence, which makes the network less complex by allowing just one network for transmitting voice and data traffic, hence saving money. Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker VoIP Hacking Module XXXVIII Page | 2977 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited VoIP Hacking Steps Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker VoIP Hacking Module XXXVIII Page | 2978 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited VoIP Hacking Steps Footprinting Scanning Enumeration Exploiting the Network  VoIP Hacking Steps Because VoIP hacking is a threat to many corporations and households, upgrades to a new version of the existing traditional phone network are available. However, there are instances when upgrading should be delayed due to the threat posed. Additionally, VoIP is vulnerable to hacking because data transfer from analog voice data to a digital form over the Internet presents a risk for attacks from viruses, worms, and other bugs. A hacker may also possess potentially destructive tools. VoIP hacking techniques include:  Audio Spam: It is similar to email spam, but it distributes spam to the convergence of voice and data.  Caller ID spoofing: In this attack, a hacker pretends to be a person the intended victim knows, in order to retrieve sensitive information.  Voice phishing: It is a form of social engineering that has the capability to convince a person to reveal private information. It can also drive out mass recordings over the Internet via VoIP.  Call hijacking is an attack where a hacker captures the intended call for a particular party and relays it to someone else. Generally, hackers use this technique in conjunction with some form of social engineering.  Phone tapping: It is an easy technique to perform on VoIP network. A hacker can easily enter a network from a remote location via the Internet, without directly entering the local phone network. If VoIP systems are not secured enough, the techniques mentioned above can make it easy to perform a "hack". There are many ways to hack the system by simply shutting down a telephone network through brute-force attacks or launching DoS or DDoS attacks. Worms and Trojans can also use spoofing to masquerade within a voice packet. If the companies’ business critical systems are hacked, there would be a disruption that can cost up to millions of dollars. In most cases, a disgruntled employee can cause such situations trying to launch many attacks to extract information. Reconnaissance refers to the preparatory phase where a hacker gathers as much information as possible about a target prior to actually launching an attack. Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker VoIP Hacking Module XXXVIII Page | 2979 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. The exact methodology that a hacker adopts while approaching a target can vary immensely. Some may randomly select a target based on a vulnerability that can be exploited. Others may try their hand at a new technology or skill level. Still others may be methodologically preparing to attack a particular target for a number of reasons. For the purpose of study, these activities are categorized as:  Footprinting.  Scanning. A hacker gains most information from foot printing and scanning and then he/she tries to use enumeration, and thus exploits the network. Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker VoIP Hacking Module XXXVIII Page | 2980 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Footprinting Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker VoIP Hacking Module XXXVIII Page | 2981 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Information Sources Public Web site research Google hacking WHOIS and DNS analysis  Information Sources In footprinting, it is possible to obtain a company’s URL by using any search engine such as www.google.com or www.yahoo.com. If you do not know the URL of a particular company, you can use any search engine to retrieve it by typing the company’s name in the text box and clicking the search button. The search engine displays a list of related links or URLs related to the company. Click on any of the links to gain access to the company’s information. Archived websites can be used to gather information on a company’s web page since their creation. A website such as www.archive.org, keeps track of web pages from the time of their inception, so it is easy for an attacker to obtain the latest updates made to a targeted site.