Hacking VoIP - Protocols, Attacks, and Countermeasures

Ulteriori informazioni

Voice over Internet Protocol (VoIP) networks have freed users from the tyranny of big telecom, allowing people to make phone calls over the Internet at very low or no cost. But while VoIP is easy and cheap, it's notoriously lacking in security.
With minimal effort, hakers can eavesdrop on conversations, disrupt phone calls, change caller IDs, insert unwanted audio into existing phone calls, and access sensitive information.
Hacking VoIP takes a dual approach to VoIP security, explaining its many security holes to hackers and administrators. If you're seriious about security, and you either use or administer VoIP, you should know where VoIP's biggest waknesses lie and how to shore up your security. And if your intellectual curiosity is leading you to explore the boundaries of VoIP, Hacking VoIP is your map and guidebook.
Hacking VoIP will introduce you to every aspect of VoIP security, both in home and enterprise implementations. You'll learn about popular security assessment tools, the inherent vulnerabilities of common hardware and software packages, and how to:
- Identify and defend against VoIP security attacks such as eavesdropping, audio injection, caller ID spoofing, and VoIP phinsing
- Audio VoIP network security
- Assess the security of enterprise-level VoIP networks such as Cisco, Avaya, and Asterisk, and home VoIP solutions like Yahoo! and Vonage
- Use common VoIP protocols like H.323, SIP, and RTP as well as unique protocols like IAX
- Identify the many vulnerabilities in any VoIP network
Whether you're setting up and defending your VoIP network against attacks or just having sick fun testing limits of VoIP networks, Hacking VoIP is your go-to source for every aspect of VoIP security and defense.

Sommario

Acknowledgments
Introduction
Chapter 1: An Introduction to VoIP Security
PART I: VoIP Protocols
Chapter 2: Signaling: SIP Security
Chapter 3: Signaling: H.323 Security
Chapter 4: Media: RTP Security
Chapter 5: Signaling and Media: IAX Security
PART II: VoIP Security Threats
Chapter 6: Attacking VoIP Infrastructure
Chapter 7: Unconventional VoIP Security Threats
Chapter 8: Home VoIP Solutions
PART III: Assess and Secure VoIP
Chapter 9: Securing VoIP
Chapter 10: Auditing VoIP for Security Best Practices
Index

Info autore

Himanshu Dwivedi is a leading security expert and researcher. He has published four books, Hacking Exposed: Web 2.0 (McGraw-Hill), Securing Storage (Addison Wesley), Hacker's Challenge 3 (McGraw-Hill), and Implementing SSH (Wiley). A founder of iSEC Partners, Himanshu manages iSEC's product development and engineering, specialized security solutions, and the creation of security testing tools for customers.

Riassunto

Voice over Internet Protocol (VoIP) networks have freed users from the tyranny of big telecom, allowing people to make phone calls over the Internet at very low or no cost. But while VoIP is easy and cheap, it's notoriously lacking in security.
With minimal effort, hakers can eavesdrop on conversations, disrupt phone calls, change caller IDs, insert unwanted audio into existing phone calls, and access sensitive information.

Hacking VoIP takes a dual approach to VoIP security, explaining its many security holes to hackers and administrators. If you're seriious about security, and you either use or administer VoIP, you should know where VoIP's biggest waknesses lie and how to shore up your security. And if your intellectual curiosity is leading you to explore the boundaries of VoIP, Hacking VoIP is your map and guidebook.

Hacking VoIP will introduce you to every aspect of VoIP security, both in home and enterprise implementations. You'll learn about popular security assessment tools, the inherent vulnerabilities of common hardware and software packages, and how to:

- Identify and defend against VoIP security attacks such as eavesdropping, audio injection, caller ID spoofing, and VoIP phinsing

- Audio VoIP network security

- Assess the security of enterprise-level VoIP networks such as Cisco, Avaya, and Asterisk, and home VoIP solutions like Yahoo! and Vonage

- Use common VoIP protocols like H.323, SIP, and RTP as well as unique protocols like IAX

- Identify the many vulnerabilities in any VoIP network

Whether you're setting up and defending your VoIP network against attacks or just having sick fun testing limits of VoIP networks, Hacking VoIP is your go-to source for every aspect of VoIP security and defense.