SIP Trunking & Security in an Enterprise Network

100 %
0 %
Information about SIP Trunking & Security in an Enterprise Network
Technology

Published on September 29, 2008

Author: danyork

Source: slideshare.net

Description

How secure are your VoIP systems as you deploy SIP-based systems in an enterprise environment? In this slide deck presented by VOIPSA Best Practices Chair Dan York at the Ingate SIP Trunking Seminars at ITEXPO September 17, 2008, Dan York walks through the security issues related to VoIP (with a focus on SIP trunking), the tools out there to attack/test VoIP systems, best practices and resources. (An audio recording of this session was made and will be available.)

SIP Trunking & Security in an Enterprise Network Dan York, CISSP VOIPSA Best Practices Chair September 17, 2008

© 2008 VOIPSA and Owners as Marked

Privacy Availability Compliance Confidence Mobility Cost Avoidance Business Continuity © 2008 VOIPSA and Owners as Marked

© 2008 VOIPSA and Owners as Marked

© 2008 VOIPSA and Owners as Marked

© 2008 VOIPSA and Owners as Marked

© 2008 VOIPSA and Owners as Marked

TDM security is relatively simple... PSTN Gateways TDM Switch Physical Voicemail Wiring © 2008 VOIPSA and Owners as Marked

VoIP security is more complex Operating Desktop PSTN E-mail Systems PCs Gateways Systems Network Web Firewalls Switches Servers Standards Voice over PDAs Wireless Instant IP Devices Messaging Directories Internet Databases Physical Voicemail Wiring © 2008 VOIPSA and Owners as Marked

VoIP can be more secure than the PSTN if it is properly deployed. © 2008 VOIPSA and Owners as Marked

VoIP Security Concerns

Security concerns in telephony are not new… Image courtesy of the Computer History Museum © 2008 VOIPSA and Owners as Marked

Nor are our attempts to protect against threats… Image courtesy of Mike Sandman – http://www.sandman.com/ © 2008 VOIPSA and Owners as Marked

Security Aspects of IP Telephony Media / Voice Manage TCP/IP Call ment Network Control PSTN Policy © 2008 VOIPSA and Owners as Marked

Media Eavesdropping Degraded Voice Quality Encryption Virtual LANs (VLANs) Packet Filtering © 2008 VOIPSA and Owners as Marked

Signaling Denial of Service Impersonation Toll Fraud Encryption Encrypted Phone Software Proper Programming © 2008 VOIPSA and Owners as Marked

Management Web Interfaces APIs! Phones! Encryption Change Default Passwords! Patches? We don’t need... © 2008 VOIPSA and Owners as Marked

PSTN © 2008 VOIPSA and Owners as Marked

Geography © 2008 VOIPSA and Owners as Marked

Internet LAN © 2008 VOIPSA and Owners as Marked

SIP Trunking

The Challenge of SIP Trunking PSTN SIP Service Provider Internet IP-PBX LAN © 2008 VOIPSA and Owners as Marked

SIP Trunking PSTN SIP Service Provider Carrier Network IP-PBX LAN © 2008 VOIPSA and Owners as Marked

The Challenge of SIP Trunking PSTN SIP Service Provider Internet IP-PBX LAN © 2008 VOIPSA and Owners as Marked

SIP Trunking - Business Continuity PSTN SIP Service Provider SIP Service Internet Provider IP-PBX LAN © 2008 VOIPSA and Owners as Marked

SIP Trunking - Business Continuity PSTN SIP Service Provider SIP Service Internet Provider IP-PBX SIP Service LAN Provider © 2008 VOIPSA and Owners as Marked

Cloud Computing

Geography © 2008 VOIPSA and Owners as Marked

Moving Voice Applications into “the Cloud” Application Platform Internet / WAN IP-PBX LAN PSTN © 2008 VOIPSA and Owners as Marked

Moving Telephony into “the Cloud” Hosted “IP-PBX” Internet / WAN Firewall LAN PSTN © 2008 VOIPSA and Owners as Marked

Can you trust “the Cloud” to be there? © 2008 VOIPSA and Owners as Marked

Questions for SIP Trunk Providers or Cloud Computing Platforms? • What kind of availability guarantees / Service Level Agreements (SLAs) does the platform vendor provide? • What kind of geographic redundancy is built into the underlying network? • What kind of network redundancy is built into the underlying network? • What kind of physical redundancy is built into the data centers? • What kind of monitoring does the vendor perform? • What kind of scalability is in the cloud computing platform? • What kind of security, both network and physical, is part of the computing platform? • Finally, what will the vendor do if there is downtime? Will the downtime be reflected in your bill? © 2008 VOIPSA and Owners as Marked

Spam / SPIT

What about SPIT? (“SPam over Internet Telephony”) • What does a traditional telemarketer need? • Makes for great headlines, but not yet a significant threat • Fear is script/tool that: – Iterates through calling SIP addresses: • 111@sip.company.com, 112@sip.company.com, … • Opens an audio stream if call is answered (by person or voicemail) – Steals VoIP credentials and uses account to make calls • Reality is that today such direct connections are generally not allowed • This will change as companies make greater use of SIP trunking and/or directly connect IP-PBX systems to the Internet (and allow incoming calls SPAM from any other IP endpoint) • Until that time, PSTN is de facto firewall © 2008 VOIPSA and Owners as Marked

Resources

What is the Industry Doing to Help? Security Vendors VoIP Vendors “The Sky Is Falling!” “Don’t Worry, Trust Us!” (Buy our products!) (Buy our products!) © 2008 VOIPSA and Owners as Marked

Voice Over IP Security Alliance (VOIPSA) • www.voipsa.org – 100 members from VoIP and security industries • VOIPSEC mailing list – www.voipsa.org/VOIPSEC/ • “Voice of VOIPSA” Blog – www.voipsa.org/blog • Blue Box: The VoIP Security Podcast – www.blueboxpodcast.com • VoIP Security Threat Taxonomy • Best Practices Project underway now Security Research Market and Social Classification Best Practices Outreach Objectives and Taxonomy of for VoIP Communication Constraints Security Threats Security of Findings Security System Testing LEGEND Published Active Now Ongoing © 2008 VOIPSA and Owners as Marked

www.voipsa.org/Resources/tools.php © 2008 VOIPSA and Owners as Marked

© 2008 VOIPSA and Owners as Marked

Tools, tools, tools... • UDP Flooder • Asteroid • IAX Flooder • enumIAX • IAX Enumerator • iWar • ohrwurm RTP Fuzzer • StegRTP • RTP Flooder • VoiPong • INVITE Flooder • Web Interface for SIP Trace • AuthTool • SIPScan • BYE Teardown • SIPCrack • Redirect Poison • SiVuS • Registration Hijacker • SIPVicious Tool Suite • Registration Eraser • SIPBomber • RTP InsertSound • SIPsak • RTP MixSound • SIP bot • SPITTER © 2008 VOIPSA and Owners as Marked

Security Links • VoIP Security Alliance - http://www.voipsa.org/ – Threat Taxonomy - http://www.voipsa.org/Activities/taxonomy.php – VOIPSEC email list - http://www.voipsa.org/VOIPSEC/ – Weblog - http://www.voipsa.org/blog/ – Security Tools list - http://www.voipsa.org/Resources/tools.php – Blue Box: The VoIP Security Podcast - http://www.blueboxpodcast.com • NIST SP800-58, “Security Considerations for VoIP Systems” – http://csrc.nist.gov/publications/nistpubs/800-58/SP800-58-final.pdf • Network Security Tools – http://sectools.org/ • Hacking Exposed VoIP site and tools – http://www.hackingvoip.com/ © 2008 VOIPSA and Owners as Marked

VoIP can be more secure than the PSTN if it is properly deployed. © 2008 VOIPSA and Owners as Marked

Q&eh? www.voipsa.org Dan York - dyork@voxeo.com

Add a comment

Related presentations