Security and Voice over IP

April 8, 2011 | Posted by brendanpatt | 25 Comments

Today, WatchGuard announced that it is teaming up with Mitel to provide voice over IP (VoIP) protection for Mitel’s unified communications (UC) solutions. So, why does this matter?

Expectations are that half of small-to-medium sized businesses and two-thirds of all enterprise organizations are using VoIP.  Because of its ubiquity, VoIP has emerged as a substantive threat vector to businesses large and small worldwide.

The following are the leading threats to VoIP/UC networks:

  • Denial of Service (DoS) – Similar to DoS attacks on data networks, VoIP DoS attacks leverage the same tactic of running multiple packet streams, such as call requests and registrations, to the point where VoIP services fail. These attacks often target SIP (Session Initiation Protocol) extensions and ultimately exhaust VoIP server resources, which causes busy signals or disconnects.
  • Spam over Internet Telephony (SPIT) – Much like the majority of e-mail spam, SPIT can be generated in a similar way with botnets that target millions of VoIP users from compromised systems. Like junk mail, SPIT messages can slow system performance, clog voicemail boxes and inhibit user productivity.
  • Voice Service Theft – VoIP service theft can happen when an unauthorized user gains access to a VoIP network, usually by way of a valid user name and password, or gains physical access to a VoIP device, and initiates outbound calls. Often, these are international phone calls that take advantage of VoIP’s toll bypass capabilities.
  • Registration Hijacking – In a SIP registration hijack, a hacker disables a valid user’s SIP registration and replaces it with the hacker’s IP address. This allows the hacker to intercept incoming calls and reroute, replay or terminate calls as they wish.
  • Eavesdropping – Like data packets, voice packets are subject to man-in-the-middle attacks where a hacker spoofs the MAC address of two parties, and forces VoIP packets to flow through the hacker’s system. By doing so, the hacker can then reassemble voice packets and literally listen in to real-time conversations. From this type of attack, hackers can also purloin all sorts of sensitive data and information, such as user names, passwords, and VoIP system information.
  • Directory Harvesting – VoIP directory harvesting attacks occur when attackers attempt to find valid VoIP addresses by conducting “brute force” attacks on a network. When a hacker sends thousands of VoIP addresses to a particular VoIP domain, most of the VoIP addresses will “bounce back” as invalid, but from those that are not returned, the hacker can identify valid VoIP addresses. By harvesting the VoIP user directory, the hacker now gains a new list of VoIP subscribers that can be new targets to other VoIP threats, such as SPIT or vishing attacks.
  • Vishing (Voice Phishing) – Vishing mimics traditional forms of phishing – attempts to get users to divulge personal and sensitive information, such as user names, account numbers and passwords. The trick works by spamming or “spitting” users and luring them to call their bank or service provider to verify account information. Once valid user information is given, criminals are free to sell this data to others, or in many cases, directly siphon funds from credit cards or bank accounts.
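
As an added example (not part of the original post, and not WatchGuard or Mitel code), the directory-harvesting pattern described above can be spotted in SIP server logs by flagging a source that probes many distinct addresses in a short window and mostly receives 404 Not Found. The log format, addresses, thresholds and function names are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed events: epoch_seconds source_ip SIP_method address_of_record final_status
SAMPLE_LOG = [
    "1302250000 198.51.100.20 REGISTER sip:alice@pbx.example 200",
    "1302250005 198.51.100.20 INVITE sip:bobb@pbx.example 404",  # one mistyped callee
    "1302250009 198.51.100.20 INVITE sip:bob@pbx.example 200",
]
# A branch-office proxy: many distinct users, but every one of them exists.
SAMPLE_LOG += [f"{1302250020 + i} 192.0.2.10 REGISTER sip:user{i}@pbx.example 200"
               for i in range(6)]
# A sweep of sequential extensions: 1003 exists (401 challenge), the rest are unknown.
SAMPLE_LOG += [f"{1302250030 + i} 203.0.113.7 REGISTER sip:{1000 + i}@pbx.example "
               f"{401 if i == 3 else 404}" for i in range(8)]

PROBE_METHODS = {"REGISTER", "OPTIONS", "INVITE"}

def find_harvesters(lines, window=60, min_targets=5, min_fail_ratio=0.8):
    """Return {source_ip: distinct_targets} for sources that, within `window`
    seconds, address at least `min_targets` distinct users while at least
    `min_fail_ratio` of their requests are answered 404 (unknown user)."""
    per_source = defaultdict(list)
    for line in lines:
        ts, src, method, aor, status = line.split()
        if method in PROBE_METHODS:
            per_source[src].append((int(ts), aor, int(status)))

    flagged = {}
    for src, events in per_source.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most `window` seconds.
            while events[end][0] - events[start][0] > window:
                start += 1
            win = events[start:end + 1]
            targets = {aor for _, aor, _ in win}
            unknown = sum(1 for _, _, status in win if status == 404)
            if len(targets) >= min_targets and unknown / len(win) >= min_fail_ratio:
                flagged[src] = max(flagged.get(src, 0), len(targets))
    return flagged

if __name__ == "__main__":
    for src, count in find_harvesters(SAMPLE_LOG).items():
        print(f"possible directory harvesting from {src}: {count} distinct addresses probed")
```

Requiring both conditions keeps the proxy (many users, no failures) and the single mistyped call (a failure, few targets) out of the alert.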

Why WatchGuard for VoIP and UC protection?

Easy.  WatchGuard was the first UTM vendor to seamlessly integrate SIP and H.323 proxy technologies into its firewalls.  This means IP voice packets can be just as secure as everything else on the network, which explains why Mitel and other VoIP and UC vendors trust WatchGuard to protect their systems.
