Kommunikationsdienste im Internet Möglichkeiten und Risiken
|
|
- Joan Stokes
- 8 years ago
- Views:
Transcription
1 Die Zukunft der Kommunikationsdienste im Internet Möglichkeiten und Risiken Erwin P. Rathgeb Technik der Rechnernetze, Universität Duisburg-Essen Jochen Kögel, Marc Barisch IKR, Universität Stuttgart Steffen Fries Steffen Fries Siemens AG, Corporate Technology
2 Overview New service opportunities lead to new security threats Telephony as an example A more general view What makes services vulnerable? What has to be done? Generic solutions instead of protocol extensions Example identity management Do we get a second chance? The Future Internet Zukunft der Netze 2009, 2, Rg
3 Unfortunately there are many services/applications How to secure all of them? Zukunft der Netze 2009, 3, Rg
4 Service example: Telephony Past Zukunft der Netze 2009, 4, Rg
5 Service example: Telephony Past, present Zukunft der Netze 2009, 5, Rg
6 Service example: Telephony Past, present and future Global calls, no addition fees (Internet flat rate) VoIP using SIP Bulk calls for free SPIT With SIP Infrastructure (e.g. Asterisk, IMS) Without SIP Infrastr. (P2P) Global access to home account SIP Registrar - Helps to locate the called SIP client in theunauthorized Internet access - Provides access for toll calls Toll Fraud - Provides account for billing Caller has to know/find current location and ID of called SIP client Zukunft der Netze 2009, 6, Rg
7 SIP security threats Registration hijacking and toll fraud Outgoing toll call private_server.de Internet provider_server.de Register as server.de Register as server.de Register as server.de Zukunft der Netze 2009, 7, Rg
8 Experimental system to study SIP threats SIP Honeypot system Attacks? HoneyWall Extended Asterisk VIP VoIP server Analysis Management Zukunft der Netze 2009, 8, Rg
9 SIP Honeypot System Evaluation study Short field test Duration about 2 months VoIP Honeypot Accepting and logging incoming calls from the internet Handling and logging Register attempts Honeypot was found and attacked No further publishing activity required Publication of one specific SIP URI on web site SIP URI was found and attacked Zukunft der Netze 2009, 9, Rg
10 SIP Honeypot System Results 3,5 3 2, ,5 1 0, Number of registration hijacking attempts per day Zukunft der Netze 2009, 10, Rg
11 SIP Honeypot System Results Scan for active extensions Duration 2 to maximum 30 seconds Different scan patterns Scan all extensions from 101 to 900 Scan specific intervals Scan for common account names (info, service,, first names) Result: list of active extensions Password scan Only performed in some cases Between 5 and 90 attempts per active extension Different scan patterns Numbers (e.g. extension number) Dictionary attacks Zukunft der Netze 2009, 11, Rg
12 SIP Honeypot System Specific attack tools already available Fabricate and manipulate SIP packets Port Scan svmap Scan for SIP servers Fingerprinting g svwar Scan for active extensions svcrack Password scan Zukunft der Netze 2009, 12, Rg
13 State of the internet security reloaded Malware, SPAM and Phishing Suspicious activities Identified attacks Feb 12-Feb 15-Feb 18-Feb 21-Feb 24-Feb 5-Mar 9-Mar 14-Mar 17-Mar 25-Mar 28-Mar 31-Mar 4-Apr 7-Apr 10-Apr Alarms Warnings num b er of m ails Each computer attached to the internet SPAM and Phishing are omnipresent Is discovered immediately Difficult to protect mail addresses Is permanently under attack Most attacks are fully automated SPAM doesn t stop once it began Used mainly for fraud and phishing Zukunft der Netze 2009, 13, Rg
14 Existing and new threats Very similar patterns Basically the same situation as for malware and SPAM Malicious activity already present Low cost, bulk delivery, ubiquitous connectivity, full automation Attractive basis for fraud and phishing Low risk for the attacker All information relevant for backtracking ki can be forged Compromised hosts can be used Open source tool boxes readily available on the internet Escalation of the problems can be expected Increasing penetration of SIP telephony attracts attackers P2P mode SIP (e.g. ENUM) make SPIT easier Home servers with SIP Registrar functionality let vulnerabilities for toll fraud explode Zukunft der Netze 2009, 14, Rg
15 What has been done SIP Security Landscape SIP inherent signaling security measures for Extensions/Updates (examples) client/server and server/server communication: Enhancements to Authenticated - HTTP Digest Authentication (mandatory) Identity Management (RFC4474) and Connected Identity in SIP - TLS to provide cryptographic protection of TCP data (RFC4916) for asserting identity of (mandatory for server, recommended for clients) communicating peers - IPSec to provide cryptographic protection (optional) Certificate Management Service for SIP (draft-ietf-sip-certs), for providing credential handling for clients Managing Client Initiated t SIP Proxy A SIP Proxy B Connections in SIP (draft-ietf-sipoutbound), and Connection Reuse in SIP (draft-ietf-sip-connect- reuse) for re-using TLS Client A Client B connections between peers End-to-End security for signaling data using S/MIME for authentication, integrity protection and confidentiality (opt.) Zukunft der Netze 2009, 15, Rg
16 What has to be done Security measures in SIP VoIP deployments Home Domain Provider Domain Authentication of users towards SIP servers Voice Currently mainly passwords, certificate based SIP, RTP authentication is less deployed Authentication of SIP server towards user LAN, ATM, etc. Certificate based as part of TLS supported DSL Confidentiality and integrity protection of signaling information Starting via TLS (or IPSec in 3GPP) Not necessarily on all parts of the communication path Additional infrastructure related measures SIP, RTP Multimedia-capable firewalls, IEEE802.1x, etc. SIP, RTP Intranet Preferably in enterprise environments Media encryption is becoming available SRTP and currently MIKEY or sdescription or ZRTP for key management Voice Server SIP Server SBC Firewall + SBC Enterprise Domain VPN connection Zukunft der Netze 2009, 16, Rg
17 Convergence of networks and services Convergence of vulnerabilities Yesterday Today Tomorrow Voice networks Risks: Toll fraud Misuse of Service (Dialer) Call back service misuse Multimedia networks VoIP VoD Risks: s Data networks Ti Triple Play Unified Eavesdropping Communication Spoofing Combined Risks: Masquerading SPIT, SPIM Traffic Analysis Identity Theft Denial of Service Denial of Service Applications Risks: Denial of Service Manipulation Virus, Worms, etc. SPAM Misuse of Application Data VoIP - Voice over IP / VoD - Video on Demand / Triple Play - TV, (IP-)Telephony and Internet Access via one media / SPIT - Spam over Internet Telephony / VOMIT - Voice over misconfigured Internet telephones Zukunft der Netze 2009, 17, Rg
18 Which services are at risk? Always the popular ones Open SIP VoIP Service concept IM XMPP Closed Social networks IM MSN, ICQ Skype ISDN Low Number of reachable users High Zukunft der Netze 2009, 18, Rg
19 We need a more comprehensive approach Generic solutions instead of protocol extensions SWIFT Project: A Cross-Layer Identity Management Concept Use identities across layers Same identity for network and application services Extend secure network authentication SWIFT Project (SIM card, Facts ) towards services FP7 project Allows Single Sign-On 9 partners Improved (NEC, usability Universität Stuttgart, ) 01/ /2010 Improved security Introduce virtual identity concept Identinet User ishas theseveral Future identities Internet User can integrate existing accounts User-controlled attribute release Improved privacy Incorporation into existing architectures (Shibboleth, Diameter, SAML, ) TV service ebank service service VID VPN service Network access service Application layer services Network layer services Zukunft der Netze 2009, 19, Rg
20 The Future Internet A second chance? Service components instead of protocols Flexible service orchestration Novel addressing concepts Location/identifier split Simplifies mobility and security Network virtualization More flexibility New options for security Security as basic design goal Comprehensive effort is needed Historic mistakes have to be avoided Zukunft der Netze 2009, 20, Rg
SPAM over Internet Telephony (SPIT) und Abwehrmöglichkeiten
Zukunft der Netze, 20.03.2009 SPAM over Internet Telephony (SPIT) und Abwehrmöglichkeiten Dirk Hoffstadt (Uni Duisburg-Essen) Christoph Sorge (NEC) Yacine Rebahi (Fraunhofer FOKUS) Outline Introduction
More informationVoice over IP. VoIP (In) Security. Presented by Darren Bilby NZISF 14 July 2005
Voice over IP VoIP (In) Security Presented by Darren Bilby NZISF 14 July 2005 Security-Assessment.com Who We Are NZ s only pure-play security firm Largest team of security professionals in NZ Offices in
More informationVoice over IP Security
Voice over IP Security Patrick Park Cisco Press Cisco Press 800 East 96th Street Indianapolis, Indiana 46240 USA vii Contents Introduction xvii Part I VoIP Security Fundamentals 3 Chapter 1 Working with
More informationIngate Firewall/SIParator SIP Security for the Enterprise
Ingate Firewall/SIParator SIP Security for the Enterprise Ingate Systems February, 2013 Ingate Systems AB (publ) Tel: +46 8 600 77 50 BACKGROUND... 1 1 NETWORK SECURITY... 2 2 WHY IS VOIP SECURITY IMPORTANT?...
More informationVOICE OVER IP SECURITY
VOICE OVER IP SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationSecuring SIP Trunks APPLICATION NOTE. www.sipera.com
APPLICATION NOTE Securing SIP Trunks SIP Trunks are offered by Internet Telephony Service Providers (ITSPs) to connect an enterprise s IP PBX to the traditional Public Switched Telephone Network (PSTN)
More informationVoIP Security regarding the Open Source Software Asterisk
Cybernetics and Information Technologies, Systems and Applications (CITSA) 2008 VoIP Security regarding the Open Source Software Asterisk Prof. Dr.-Ing. Kai-Oliver Detken Company: DECOIT GmbH URL: http://www.decoit.de
More informationA Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method.
A Brief Overview of VoIP Security By John McCarron Voice of Internet Protocol is the next generation telecommunications method. It allows to phone calls to be route over a data network thus saving money
More informationVesselin Tzvetkov, Holger Zuleger {vesselin.tzvetkov, holger.zuleger}@arcor.net Arcor AG&Co KG, Alfred-Herrhausen-Allee 1, 65760 Eschborn, Germany
Service Provider implementation of SIP regarding security Vesselin Tzvetkov, Holger Zuleger {vesselin.tzvetkov, holger.zuleger}@arcor.net Arcor AG&Co KG, Alfred-Herrhausen-Allee 1, 65760 Eschborn, Germany
More informationSecuring VoIP Networks using graded Protection Levels
Securing VoIP Networks using graded Protection Levels Andreas C. Schmidt Bundesamt für Sicherheit in der Informationstechnik, Godesberger Allee 185-189, D-53175 Bonn Andreas.Schmidt@bsi.bund.de Abstract
More informationSIP Security Controllers. Product Overview
SIP Security Controllers Product Overview Document Version: V1.1 Date: October 2008 1. Introduction UM Labs have developed a range of perimeter security gateways for VoIP and other applications running
More informationAn outline of the security threats that face SIP based VoIP and other real-time applications
A Taxonomy of VoIP Security Threats An outline of the security threats that face SIP based VoIP and other real-time applications Peter Cox CTO Borderware Technologies Inc VoIP Security Threats VoIP Applications
More informationVoIP Security* Professor Patrick McDaniel CSE545 - Advanced Network Security Spring 2011
VoIP Security* Professor Patrick McDaniel CSE545 - Advanced Network Security Spring 2011 *Thanks to Prof. Angelos Keromytis for materials for these lecture slides. CSE545 - Advanced Network Security -
More informationRelease the full potential of your Cisco Call Manager with Ingate Systems
Release the full potential of your Cisco Call Manager with Ingate Systems -Save cost with flexible connection to Service Providers. -Save mobile costs, give VoIP mobility to your workforce. -Setup an effective
More informationBasic Vulnerability Issues for SIP Security
Introduction Basic Vulnerability Issues for SIP Security By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com The Session Initiation Protocol (SIP) is the future
More informationSecurity issues in Voice over IP: A Review
www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume 3 Issue 2 February, 2014 Page No. 3879-3883 Security issues in Voice over IP: A Review Rajni a, Preeti a, Ritu
More informationRecommended IP Telephony Architecture
Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings
More informationService Provider implementation of SIP regarding security
Service Provider implementation of SIP regarding security Vesselin Tzvetkov, Holger Zuleger {vesselin.tzvetkov, holger.zuleger}@arcor.net Arcor AG&Co KG, Alfred-Herrhausen-Allee 1, 65760 Eschborn, Germany
More informationHow To Secure A Voice Over Internet Protocol (Voip) From A Cyber Attack
DHS 4300A Sensitive Systems Handbook Attachment Q5 To Handbook v. 11.0 Voice over Internet Protocol (VoIP) Version 11.0 December 22, 2014 Protecting the Information that Secures the Homeland This page
More informationAchieving Truly Secure Cloud Communications. How to navigate evolving security threats
Achieving Truly Secure Cloud Communications How to navigate evolving security threats Security is quickly becoming the primary concern of many businesses, and protecting VoIP vulnerabilities is critical.
More informationSIP SECURITY WILEY. Dorgham Sisalem John Floroiu Jiri Kuthan Ulrich Abend Henning Schulzrinne. A John Wiley and Sons, Ltd.
SIP SECURITY Dorgham Sisalem John Floroiu Jiri Kuthan Ulrich Abend Henning Schulzrinne WILEY A John Wiley and Sons, Ltd., Publication Foreword About the Authors Acknowledgment xi xiii xv 1 Introduction
More informationVoIP Resilience and Security Jim Credland
VoIP Resilience and Security Jim Credland About THUS plc Provider and user of VoIP and Soft Switch technologies Developing Enterprise Security Standards NISCC VoIP Working Group Security Considerations
More informationEnumerating and Breaking VoIP
Enumerating and Breaking VoIP Introduction Voice over Internet Protocol (VoIP) has seen rapid implementation over the past few years. Most of the organizations which have implemented VoIP are either unaware
More informationTLS and SRTP for Skype Connect. Technical Datasheet
TLS and SRTP for Skype Connect Technical Datasheet Copyright Skype Limited 2011 Introducing TLS and SRTP Protocols help protect enterprise communications Skype Connect now provides Transport Layer Security
More informationFirewalls, Tunnels, and Network Intrusion Detection. Firewalls
Firewalls, Tunnels, and Network Intrusion Detection 1 Firewalls A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.
More informationThreat Mitigation for VoIP
Threat Mitigation for VoIP Bogdan Materna, VP Engineering and CTO VoIPshield Systems Third Annual VoIP Security Workshop June 2, 2006 Overview Basics VoIP Security Impact Examples of real vulnerabilities
More informationFirewalls, Tunnels, and Network Intrusion Detection
Firewalls, Tunnels, and Network Intrusion Detection 1 Part 1: Firewall as a Technique to create a virtual security wall separating your organization from the wild west of the public internet 2 1 Firewalls
More informationKISUMU LAW COURTS: SPECIFICATIONS FOR A UNIFIED COMMUNICATION SYSTEM / VOICE OVER INTERNET PROTOCOL (VOIP) SOLUTION. Page 54 of 60
SPECIFICATIONS FOR A UNIFIED COMMUNICATION SYSTEM / VOICE OVER INTERNET PROTOCOL (VOIP) SOLUTION Page 54 of 60 UNIFIED COMMUNICATION SYSTEM (VOIP) PROPOSAL FOR KISUMU JUDICIARY COURTS. 1.0 PARTICULARS
More informationImplementing VoIP monitoring solutions. Deployment note
Implementing VoIP monitoring solutions Deployment note Introduction With VoIP being an integral part of modern day business communications, enterprises are placing greater emphasis on the monitoring and
More informationa) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)
MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file
More informationSecured Communications using Linphone & Flexisip
Secured Communications using Linphone & Flexisip Solution description Office: Le Trident Bat D 34, avenue de l Europe 38100 Grenoble France Tel. : +33 (0)9 52 63 65 05 Headquarters: 12, allée des Genêts
More informationNetwork Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion
Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann
More informationCE 817 - Advanced Network Security VoIP Security
CE 817 - Advanced Network Security VoIP Security Lecture 25 Mehdi Kharrazi Department of Computer Engineering Sharif University of Technology Acknowledgments: Some of the slides are fully or partially
More informationVoIP Security: How Secure is Your IP Phone?
VoIP Security: How Secure is Your IP Phone? Dan York, CISSP Director of IP Technology, Office of the CTO Chair, Mitel Product Security Team Member, Board of Directors, VoIP Security Alliance (VOIPSA) ICT
More informationGuidance Regarding Skype and Other P2P VoIP Solutions
Guidance Regarding Skype and Other P2P VoIP Solutions Ver. 1.1 June 2012 Guidance Regarding Skype and Other P2P VoIP Solutions Scope This paper relates to the use of peer-to-peer (P2P) VoIP protocols,
More informationChallenges and opportunities for Open Source solutions
GDS20910 39HA83090K2 D3 S20910 328MGD 7 W510200RQ1 UT 10 T28GHY620 JH7 BE4ET276 90K2 D39HA83 0K2 D39HA830 8JD6200NS12 RQ1 UTW510200 H7 BE4ET2763J 8HGDOI0912 M1 Y620110 T28GH UTW510200 83090K2 GDS20910
More informationFirewall-Friendly VoIP Secure Gateway and VoIP Security Issues
Firewall-Friendly VoIP Secure Gateway and VoIP Security Issues v Noriyuki Fukuyama v Shingo Fujimoto v Masahiko Takenaka (Manuscript received September 26, 2003) IP telephony services using VoIP (Voice
More informationMitigating the Security Risks of Unified Communications
2009 International Conference on Computer Engineering and Applications IPCSIT vol.2 (2011) (2011) IACSIT Press, Singapore Mitigating the Security Risks of Unified Communications Fernando Almeida 1 +, Jose
More informationSIP and VoIP 1 / 44. SIP and VoIP
What is SIP? What s a Control Channel? History of Signaling Channels Signaling and VoIP Complexity Basic SIP Architecture Simple SIP Calling Alice Calls Bob Firewalls and NATs SIP URIs Multiple Proxies
More informationHow To Use A Phone Over Ip (Phyto) For A Phone Call
SIP and VoIP Skype an example VoIP client 1 SIP / VoIP: what are these? Voice over IP (VoIP) Session Initiation Protocol (SIP) Control channel Known in telephone world as signaling channel Does call setup:
More informationCS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013
CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access
More informationECMA TR/100. Next Generation Corporate Networks (NGCN) - Security of Session-based Communications. 1 st Edition / December 2009
ECMA TR/100 1 st Edition / December 2009 Next Generation Corporate Networks (NGCN) - Security of Session-based Communications Reference number ECMA TR/12:2009 Ecma International 2009 COPYRIGHT PROTECTED
More informationOSSIR, November 2010 emil.ivov@sip-communicator.org 1/45
OSSIR, November 2010 emil.ivov@sip-communicator.org 1/45 Real-time Communication Applications OSSIR, November 2010 emil.ivov@sip-communicator.org 2/45 Protocols sip & xmpp OSSIR, November 2010 emil.ivov@sip-communicator.org
More informationApplication Note Patton SmartNode in combination with a CheckPoint Firewall for Multimedia security
Patton Electronics Co. www.patton.com 7622 Rickenbacker Drive, Gaithersburg, MD 20879, USA tel: +1 301-975-10001000 fax: +1 301-869-9293 Application Note Patton SmartNode in combination with a CheckPoint
More informationSIP Trunking Configuration with
SIP Trunking Configuration with Microsoft Office Communication Server 2007 R2 A Dell Technical White Paper End-to-End Solutions Team Dell Product Group - Enterprise THIS WHITE PAPER IS FOR INFORMATIONAL
More informationVoIP some threats, security attacks and security mechanisms. Lars Strand RiskNet Open Workshop Oslo, 24. June 2009
VoIP some threats, security attacks and security mechanisms Lars Strand RiskNet Open Workshop Oslo, 24. June 2009 "It's appalling how much worse VoIP is compared to the PSTN. If these problems aren't fixed,
More informationSchichtenübergreifendes Identitätsmanagement zwischen HIP und SAML
Schichtenübergreifendes Identitätsmanagement zwischen HIP und SAML Ein Architekturkonzept Supported by the SWIFT project www.ist-swift.org Marc Barisch, Alfredo Matos marc.barisch@ikr.uni-stuttgart.de,
More informationVOIP SECURITY: BEST PRACTICES TO SAFEGUARD YOUR NETWORK ======
VOIP SECURITY: BEST PRACTICES TO SAFEGUARD YOUR NETWORK ====== Table of Contents Introduction to VoIP Security... 2 Meet Our Expert - Momentum Telecom... 2 BroadWorks... 2 VoIP Vulnerabilities... 3 Call
More informationVoIP Security Threats and Vulnerabilities
Abstract VoIP Security Threats and Vulnerabilities S.M.A.Rizvi and P.S.Dowland Network Research Group, University of Plymouth, Plymouth, UK e-mail: info@network-research-group.org This paper presents the
More informationNext Generation. VoIP Application Firewall. www.novacybersecurity.com
Next Generation VoIP Application Firewall Are you aware that you are vulnerable to all threats on the Internet? With increasing voice and video transmission over IP and emerging new technologies such as
More informationCPNI VIEWPOINT 02/2007 ENTERPRISE VOICE OVER IP
ENTERPRISE VOICE OVER IP AUGUST 2007 Abstract Voice over IP (VoIP) is the term used for a set of technologies that enable real time voice or video conversations to take place across IP networks. VoIP devices
More informationVoIP Security Challenges: 25 Ways to Secure your VoIP Network from Versign Security, Dec 01, 2006
VoIP Security Challenges: 25 Ways to Secure your VoIP Network from Versign Security, Dec 01, 2006 VoIP technology has the tech geeks buzzing. It has been touted as: - the killer of telecoms - a solution
More informationAn Investigation into the Effect of Security on Performance in a VoIP Network
Abstract An Investigation into the Effect of Security on Performance in a VoIP Network Muhammad Tayyab Ashraf, John N. Davies and Vic Grout Centre for Applied Internet Research (CAIR) Glyndŵr University,
More informationREVIEW OF WEB-BROWSER COMMUNICATIONS SECURITY
REVIEW OF WEB-BROWSER COMMUNICATIONS SECURITY ANTON PAVLOVICH TEYKHRIB Company Naumen (Nau-Service) E-mail: ateyhrib@naumen.ru ABSTRACT The issues of Internet communications security are considered in
More informationBest Practices for Securing IP Telephony
Best Practices for Securing IP Telephony Irwin Lazar, CISSP Senior Analyst Burton Group Agenda VoIP overview VoIP risks Mitigation strategies Recommendations VoIP Overview Hosted by VoIP Functional Diagram
More informationSIP, Session Initiation Protocol used in VoIP
SIP, Session Initiation Protocol used in VoIP Page 1 of 9 Secure Computer Systems IDT658, HT2005 Karin Tybring Petra Wahlund Zhu Yunyun Table of Contents SIP, Session Initiation Protocol...1 used in VoIP...1
More informationFIGHTING FRAUD ON 4G. Neutralising threats in the LTE ecosystem
FIGHTING FRAUD ON 4G Neutralising threats in the LTE ecosystem TABLE OF CONTENTS Introduction...3 New and Old Vulnerabilities...4 Identity Management...5 A Unified Response...6 Data Mining...7 An Evolving
More informationA Call Conference Room Interception Attack and its Detection
A Call Conference Room Interception Attack and its Detection Nikos Vrakas 1, Dimitris Geneiatakis 2 and Costas Lambrinoudakis 1 1 Department of Digital Systems, University of Piraeus 150 Androutsou St,
More informationUsing IP Networks for voice and video: benefits and challenges
Using IP Networks for voice and video: benefits and challenges Peter Cox CEO UM Labs Ltd October 2010 About UM Labs UK Based company Founded 2008 by Peter Cox and other cofounders of Borderware Technologies
More informationCPNI VIEWPOINT 01/2007 INTERNET VOICE OVER IP
INTERNET VOICE OVER IP AUGUST 2007 Abstract Voice over IP (VoIP) is the term used for a set of technologies that enable real time voice or video conversations to take place across IP networks. VoIP devices
More information2. From a control perspective, the PRIMARY objective of classifying information assets is to:
MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected
More informationVillains and Voice Over IP
Villains and Voice Over IP Heather Bonin ECE 578 March 7, 2004 Table of Contents Introduction... 3 How VOIP Works... 3 Ma Bell and her Babies... 3 VoIP: The New Baby on the Block... 3 Security Issues...
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationSIP, Security and Session Border Controllers
SIP, Security and Session Border Controllers SIP, Security and Session Border Controllers Executive Summary Rolling out a public SIP service brings with it several security issues. Both users and Service
More informationTransparent weaknesses in VoIP
Transparent weaknesses in VoIP Peter Thermos peter.thermos@palindrometech.com 2007 Palindrome Technologies, All Rights Reserved 1 of 56 Speaker Background Consulting Government and commercial organizations,
More informationVirtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN
Virtual private network Network security protocols COMP347 2006 Len Hamey Instead of a dedicated data link Packets securely sent over a shared network Internet VPN Public internet Security protocol encrypts
More informationStorming SIP Security
Attack Sandro Gauci Difficulty VoIP is a hot and steadily gaining market share in the phone business. As people constantly seek to make long distance calls cheaper, they are moving away from relying on
More informationWhite Paper. avaya.com 1. Table of Contents. Starting Points
White Paper Session Initiation Protocol Trunking - enabling new collaboration and helping keep the network safe with an Enterprise Session Border Controller Table of Contents Executive Summary...1 Starting
More informationBest Practices for SIP Security
Best Practices for SIP Security IMTC SIP Parity Group Version 21 November 9, 2011 Table of Contents 1. Overview... 33 2. Security Profile... 33 3. Authentication & Identity Protection... 33 4. Protecting
More informationDesigning federated identity management architectures for addressing the recent attacks against online financial transactions.
Designing federated identity management architectures for addressing the recent attacks against online financial transactions. Dr. Christos K. Dimitriadis Security Officer INTRALOT S.A. Scope and Agenda
More informationVoice Over IP and Firewalls
Introduction Voice Over IP and Firewalls By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com Use of Voice Over IP (VoIP) in enterprises is becoming more and more
More informationFRAFOS GmbH Windscheidstr. 18 Ahoi 10627 Berlin Germany info@frafos.com www.frafos.com
WebRTC for the Enterprise FRAFOS GmbH FRAFOS GmbH Windscheidstr. 18 Ahoi 10627 Berlin Germany info@frafos.com www.frafos.com This document is copyright of FRAFOS GmbH. Duplication or propagation or extracts
More informationFBLA Cyber Security aligned with Common Core 6.14. FBLA: Cyber Security RST.9-10.4 RST.11-12.4 RST.9-10.4 RST.11-12.4 WHST.9-10.4 WHST.11-12.
Competency: Defend and Attack (virus, spam, spyware, Trojans, hijackers, worms) 1. Identify basic security risks and issues to computer hardware, software, and data. 2. Define the various virus types and
More informationFrom Network Security To Content Filtering
Computer Fraud & Security, May 2007 page 1/10 From Network Security To Content Filtering Network security has evolved dramatically in the last few years not only for what concerns the tools at our disposals
More information10 Key Things Your VoIP Firewall Should Do. When voice joins applications and data on your network
10 Key Things Your Firewall Should Do When voice joins applications and data on your network Table of Contents Making the Move to 3 10 Key Things 1 Security is More Than Physical 4 2 Priority Means Clarity
More informationVOICE OVER IP (VOIP) TO ENTERPRISE USERS GIOTIS KONSTANTINOS
VOICE OVER IP (VOIP) TO ENTERPRISE USERS GIOTIS KONSTANTINOS Master of Science in Networking and Data Communications THESIS Thesis Title Voice over IP (VoIP) to Enterprise Users Dissertation submitted
More informationVOIP SECURITY ISSUES AND RECOMMENDATIONS
VOIP SECURITY ISSUES AND RECOMMENDATIONS Sathasivam Mathiyalakan MSIS Department, College of Management, University of Massachusetts Boston Phone: (617) 287 7881; Email: Satha.Mathiyalakan@umb.edu ABSTRACT
More informationThe Trivial Cisco IP Phones Compromise
Security analysis of the implications of deploying Cisco Systems SIP-based IP Phones model 7960 Ofir Arkin Founder The Sys-Security Group ofir@sys-security.com http://www.sys-security.com September 2002
More informationThe SIP School- 'Mitel Style'
The SIP School- 'Mitel Style' Course Objectives This course will take delegates through the basics of SIP into some very technical areas and is suited to people who will be installing and supporting SIP
More informationHow to make free phone calls and influence people by the grugq
VoIPhreaking How to make free phone calls and influence people by the grugq Agenda Introduction VoIP Overview Security Conclusion Voice over IP (VoIP) Good News Other News Cheap phone calls Explosive growth
More informationBusiness Phone Security. Threats to VoIP and What to do about Them
Business Phone Security Threats to VoIP and What to do about Them VoIP and Security: What You Need to Know to Keep Your Business Communications Safe Like other Internet-based applications, VoIP services
More informationVOIP Attacks On The Rise
VOIP Attacks On The Rise Voice over IP (VoIP) infrastructure has become more susceptible to cyber-attack due to the proliferation of both its use and the tools that can be used for malicious purposes.
More informationENTERPRISE SESSION BORDER CONTROLLERS: SAFEGUARDING TODAY S AND TOMORROW S UNIFIED COMMUNICATIONS
ENTERPRISE SESSION BORDER CONTROLLERS: SAFEGUARDING TODAY S AND TOMORROW S UNIFIED COMMUNICATIONS ALCATEL-LUCENT OPENTOUCH SESSION BORDER CONTROLLER A SECURE SOLUTION FOR BORDERLESS CONVERSATIONS APPLICATION
More informationThreats to be considered (1) ERSTE GROUP
VoIP-Implementation Lessons Learned Philipp Schaumann Erste Group Bank AG Group IT-Security philipp.schaumann@erstegroup.com http://sicherheitskultur.at/ Seite 1 Threats to be considered (1) Eavesdropping
More informationSIP Proxy. SIP Proxy. Bicom SYSTEMS. SIP Proxy... Advanced Simplicity
Session border controller solution offering high performance, security and SIP compliance connectivity. 1 DIAGRAM : Registration SIP Client registration for all users (, Business, Hosted PBXware and Wholesale)
More informationVoice Printing And Reachability Code (VPARC) Mechanism for prevention of Spam over IP Telephony (SPIT)
Voice Printing And Reachability Code (VPARC) Mechanism for prevention of Spam over IP Telephony (SPIT) Vijay Radhakrishnan & Ranjith Mukundan Wipro Technologies, Bangalore, India Email:{radhakrishnan.vijay,
More informationAsymetrical keys. Alices computer generates a key pair. A public key: XYZ123345 (Used to encrypt) A secret key: ABC98765 (Used to decrypt)
Encryption keys Symmetrical keys Same key used for encryption and decryption Exchange of symmetrical keys between parties difficult without risk of interception Asymmetrical keys One key for encryption
More informationCisco Advanced Services for Network Security
Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs
More informationA Novel Approach for Evaluating and Detecting Low Rate SIP Flooding Attack
A Novel Approach for Evaluating and Detecting Low Rate SIP Flooding Attack Abhishek Kumar Department of Computer Science and Engineering-Information Security NITK Surathkal-575025, India Dr. P. Santhi
More informationFRAFOS GmbH Windscheidstr. 18 Ahoi 10627 Berlin Germany info@frafos.com www.frafos.com
WebRTC for Service Providers FRAFOS GmbH FRAFOS GmbH Windscheidstr. 18 Ahoi 10627 Berlin Germany info@frafos.com www.frafos.com This document is copyright of FRAFOS GmbH. Duplication or propagation or
More informationLTE transport network security Jason S. Boswell Head of Security Sales, NAM Nokia Siemens Networks
LTE transport network security Jason S. Boswell Head of Security Sales, NAM Nokia Siemens Networks 1 Nokia Siemens Networks New evolved Networks - new security needs Walled Garden Transport & Protocols
More informationVoIP Security. Customer Best Practices Guide. August 2015. 2015 IntelePeer
VoIP Security Customer Best Practices Guide August 2015 2015 IntelePeer Contents Contents... 2 Getting Started... 3 Pre-Deployment Considerations... 3 Preparation Check-List... 3 Common Security Threats...
More informationINTRUSION DETECTION SYSTEMS and Network Security
INTRUSION DETECTION SYSTEMS and Network Security Intrusion Detection System IDS A layered network security approach starts with : A well secured system which starts with: Up-to-date application and OS
More informationWhite Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act
A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better,
More informationVoIP Security Methodology and Results. NGS Software Ltd
VoIP Security Methodology and Results NGS Software Ltd Barrie Dempster Senior Security Consultant barrie@ngssoftware.com Agenda VoIP Security Issues Assessment Methodology Case Study: Asterisk VoIP Security
More informationNetwork Access Security. Lesson 10
Network Access Security Lesson 10 Objectives Exam Objective Matrix Technology Skill Covered Exam Objective Exam Objective Number Firewalls Given a scenario, install and configure routers and switches.
More informationUser authentication in SIP
User authentication in SIP Pauli Vesterinen Helsinki University of Technology pjvester@cc.hut.fi Abstract Today Voice over Internet Protocol (VoIP) is used in large scale to deliver voice and multimedia
More informationVoIP Security. Seminar: Cryptography and Security. 07.06.2006 Michael Muncan
VoIP Security Seminar: Cryptography and Security Michael Muncan Overview Introduction Secure SIP/RTP Zfone Skype Conclusion 1 Introduction (1) Internet changed to a mass media in the middle of the 1990s
More informationInternet Security. Prof. Anja Feldmann, Ph.D. anja@net.t-labs.tu-berlin.de http://www.net.t-labs.tu-berlin.de/
Internet Security Prof. Anja Feldmann, Ph.D. anja@net.t-labs.tu-berlin.de http://www.net.t-labs.tu-berlin.de/ Prof. Dr. Jean-Pierre Seifert jpseifert@sec.t-labs.tu-berlin.de http://www.sec.t-labs.tu-berlin.de/
More informationSession Initiation Protocol Security Considerations
Session Initiation Protocol Security Considerations Sami Knuutinen Helsinki University of Technology Department of Computer Science and Engineering May 28, 2003 Abstract Session Initiation Protocol (SIP)
More information