White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act

Transcription

1 A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better, security is often a secondary concern, or may be overlooked entirely. Unless proper steps are taken to protect VoIP systems on your data networks, you could be leaving open holes that can be exploited by intruders to disrupt all applications on your converged infrastructure, including voice calls. This step-by-step guide identifies the common threats and the countermeasures used to protect converged networks. Your VoIP solution provider will be your first line of defense in managing this issue. A balancing act The reason IP networks are so vulnerable to attack is that Internet protocols developed decades ago were not designed with security in mind. Security features were added later as specific threats emerged, resulting in the piecemeal fixes we contend with today. This has forced network administrators to take an active role in identifying threats and taking countermeasures to deal with them. Since voice conversations are carried over data networks as packets, just like every other application on the network, VoIP systems are susceptible to the same threats that are commonly launched against servers residing on IP data networks. The key to effective security is to focus on critical points of vulnerability those areas where the IP infrastructure or services are susceptible to known or expected attacks. However, since VoIP is a

2 real-time application, the security solution must not bog down performance to the point that conversations are disrupted. Types of attacks Denials of Service Attacks (DoS) originate on the Internet and are typically launched against web servers. In this type of attack, a server is bombarded with bogus service requests. The server becomes so busy trying to answer these requests that service is denied to those with legitimate requests. The intent of the attacker is to stop the server from functioning, thereby frustrating a company s customers and motivating them to take their business elsewhere. The DoS attack is not strictly limited to web servers; with more frequency, this type of attack is being launched against customer premises equipment (CPE), which includes VoIP systems. Among other things, your VoIP equipment has an operating system, just like any other server on your data network. The VoIP system provides critical functions like dialtone and call routing. A DoS attack can affect your VoIP system in several ways, including: Force the operating system to shut down, disrupting conversations and preventing calls until service is restored. Trick the VoIP system into accepting phony signaling messages, interfering with the proper operation of the service. Divert the VoIP system s CPU power and memory to handling false requests, degrading the real-time performance of telephone service. Generate excess traffic on your network through the use of worms and viruses, for example, forcing voice packets to be delayed or dropped, interfering with the smooth flow of conversations. Theft of service attacks are launched by intruders who want to make calls for free, using your VoIP system. In one scenario, a hacker could spoof a legitimate IP address to access your VoIP system to make calls anywhere in the world, leaving you stuck with the bill. Thieves can even use your VoIP system to spoof a Caller ID that can be used for phishing. This refers to the act of tricking someone into giving the thief confidential information. As applied to VoIP, phishing would entail a hacker posing as a network administrator to obtain sensitive information from an unsuspecting user within the company. If the user 2011 TCI, a Telcept Holdings LLC. Company Page 2

3 recognizes the Caller ID as being that of the network administrator, he or she will likely cooperate in giving out the requested information. Eavesdropping attacks are directed toward revealing private information within the voice conversation or the signaling protocol. Private data in the signaling protocol may include the phone numbers being called by a subscriber, as well as the IP and MAC addresses of the phones at each end of the conversation. This type of attack, also known as a man-in-the-middle attack, entails use of a spy program that gets in between two communicating parties and intercepts the information passing between them. The packets are intercepted without either party being aware of what s happening. The packets are recorded, collected from the host machine and recovered using protocol analyzer software, which is normally used by technicians to identify problems on data networks. Security solutions Achieving a secure IT environment involves a balance between risk and cost. In the case of VoIP, however, there must also be a balance between risk and quality because of the real-time nature of voice conversation. Therefore, a VoIP security solution must combine existing IP security and VoIP-specific security mechanisms. Denial of Service protection involves the deployment of security mechanisms throughout the infrastructure, such as: At the borders between networks, VoIP-aware routers can be set to block suspicious traffic. Configuration settings within servers, switches, firewalls and routers can shut off packet flooding and other types of DoS attacks that are intended to disrupt service. Software in various network elements, including the VoIP system, should provide the means to limit the amount of resources that will be used for responding to requests. When an attack is suspected, the VoIP systems log files should be examined as the first step in investigating the event and to prevent a recurrence of that event. Access to the VoIP system should be granted only to specific IP addresses, not a range of IP addresses TCI, a Telcept Holdings LLC. Company Page 3

4 PCs are the weak link in security due to user carelessness. Regular and frequent security audits of all network elements, especially PCs, will minimize the introduction and spread of viruses, worms and spyware onto your network. Access to all advanced features of your VoIP system must be protected with authentication and unused features should be disabled to limit their possible use by an attacker. Voice and signal integrity can be maintained on office LANs by logically separating them from general data traffic. On the WAN, VoIP and data traffic can be further separated through the use of virtual private networks (VPNs) to ensure both security and quality of service (QoS). For the ultimate in protection, encryption can be applied to signaling and voice traffic across the WAN, but this entails extra expense. The VoIP router would need to be equipped with a dedicated processor for encryption/decryption tasks so that normal protocol processing does not get bogged down and disrupt the smooth flow of voice communication. The addition of encryption to safeguard voice would also entail the use of more bandwidth, which might boost your costs even more. Depending on the nature of your voice traffic, the additional expense may be justified. Theft of service protection involves putting into place mechanisms for ensuring that only authenticated users and devices can obtain access. The mechanisms include physical security to limit local access as well as secure configurations to limit remote access. In addition, system logs should be monitored regularly to detect unauthorized access attempts. This might reveal internal users who are trying to use VoIP features to which they are not entitled. Logs would also reveal attempts to access internal systems from outside the company, providing you with a clue as to what potential vulnerabilities might exist on your network that deserve closer examination. Other considerations Infrastructure security involves a layered approach such that a failure or breach in one security mechanism does not affect the entire service. These mechanisms include: Server and device security User authentication Network security 2011 TCI, a Telcept Holdings LLC. Company Page 4

5 Software security patch updates Vulnerability scans Networks, systems and applications should be monitored and compared with baseline usage to detect abnormal activity. Security is a continuous process and new threats can emerge. If not managed properly, VoIP security risks can impact performance and mitigate the expected benefits of this powerful technology. The good news is that an experienced business communications partner with VoIP and security expertise understands all of the issues and can make the security concerns transparent to your business. For over 25 years TCI has been supporting client transitions to new technology. We ve always been there evolving networks from analog to digital and now to IP, building and managing the reliable networks our customers have come to depend on. Find out how TCI s secure IP Telephony solutions can benefit your business. Call TCI at 800 TCI 1001 or Don Routhier at routhierd@tcicomm.com. About TCI TCI is one of the largest full-service integrated solutions providers in the Washington D.C. and Baltimore metropolitan areas. We deliver voice, network and data support to organizations of all types and sizes. TCI offers a complete line of client services and business solutions, including security services, in partnership with leading manufacturers. Learn more by visiting our website, TCI, a Telcept Holdings LLC. Company Page 5