Hacking Exposed Unified Communications & VoIP Security Secrets & Solutions, 2nd Edition

Book Description

The latest techniques for averting UC disaster

Establish a holistic security stance by learning to view your unified communications infrastructure through the eyes of the nefarious cyber-criminal. Hacking Exposed Unified Communications & VoIP, Second Edition offers thoroughly expanded coverage of today’s rampant threats alongside ready-to-deploy countermeasures. Find out how to block TDoS, toll fraud, voice SPAM, voice social engineering and phishing, eavesdropping, and man-in-the-middle exploits. This comprehensive guide features all-new chapters, case studies, and examples.

  • See how hackers target vulnerable UC devices and entire networks
  • Defend against TDoS, toll fraud, and service abuse
  • Block calling number hacks and calling number spoofing
  • Thwart voice social engineering and phishing exploits
  • Employ voice spam mitigation products and filters
  • Fortify Cisco Unified Communications Manager
  • Use encryption to prevent eavesdropping and MITM attacks
  • Avoid injection of malicious audio, video, and media files
  • Use fuzzers to test and buttress your VoIP applications
  • Learn about emerging technologies such as Microsoft Lync, OTT UC, other forms of UC, and cloud and WebRTC

Table of Contents

  1. Cover
  2. HACKING EXPOSED™: Unified Communications & VoIP Security Secrets & Solutions, Second Edition
  3. Copyright Page
  4. Dedication
  5. About the Authors
  6. At a Glance
  7. Contents
  8. Acknowledgments
  9. Introduction
  10. Part I Casing the Establishment
    1. Case Study: Is There Really Any SIP in the Internet?
      1. Scanning the Entire Internet for SIP Servers
      2. Using the Shodan Search Engine to Locate Internet SIP Servers
    2. 1 VoIP Targets, Threats, and Components
      1. Campus/Internal UC
      2. Session Initiation Protocol and SIP Trunk Threats
      3. Increased Threats from the Public Voice Network
      4. Hosted UC
      5. Summary
      6. References
    3. 2 Footprinting a UC Network
      1. Why Footprint First?
      2. UC Footprinting Methodology
        1. Scoping the Effort
      3. Summary
      4. References
    4. 3 Scanning a UC Network
      1. Our VoIP Test Bed
      2. Network Host/Device Discovery
        1. ICMP Ping Sweeps
        2. Other ICMP Ping Sweeps
      3. Port Scanning and Service Discovery
      4. Host/Device Identification
      5. UC Phone Scanning and Discovery
      6. Summary
      7. References
    5. 4 Enumerating a UC Network
      1. SIP 101
        1. SIP URIs
        2. SIP Architecture Elements
        3. SIP Requests
        4. SIP Responses
        5. Typical Call Flow
        6. Further Reading
      2. RTP 101
      3. Banner Grabbing
      4. SIP User/Extension Enumeration
      5. Enumeration of Other UC Support Services
      6. UC Application-Level Enumeration
      7. Summary
      8. References
  11. Part II Application Attacks
    1. Case Study: A Real-world Telephony Denial of Service (TDoS) Attack
      1. The Payday Loan Scam
    2. 5 Toll Fraud and Service Abuse
      1. Internal Abuse of Unmonitored Phones
      2. Full-Scale Toll Fraud
      3. Summary
      4. References
    3. 6 Calling Number Spoofing
      1. Calling Number 101
      2. Spoofing/Masking the Calling Number with an IP PBX
      3. Anonymous Calling
      4. Network Services and Smartphone Apps
      5. Summary
      6. References
    4. 7 Harassing Calls and Telephony Denial of Service (TDoS)
      1. Harassing and Threatening Calls
      2. Social Networking TDoS
      3. Automated TDoS
        1. SIP Trunking
        2. Getting Target Numbers
        3. Audio Content
        4. Call Generation
        5. Attack Timing
        6. TDoS Attack Demonstration
        7. Using Virtual Queues
        8. Using Automated DoS to Cover Fraud
      4. Call Pumping
      5. DTMF DoS and Fuzzing
      6. Summary
      7. References
    5. 8 Voice SPAM
      1. Understanding Voice SPAM
        1. The FTC Robocall Challenge
        2. Other Types of UC SPAM
      2. Summary
      3. References
    6. 9 Voice Social Engineering and Voice Phishing
      1. Voice Social Engineering
      2. Voice Phishing
        1. Anatomy of a Traditional Email-based Phishing Attack
      3. Summary
      4. References
  12. Part III Exploiting the UC Network
    1. Case Study: The Angry Ex-Employee
    2. 10 UC Network Eavesdropping
      1. UC Privacy: What’s at Risk
        1. TFTP Configuration File Sniffing
        2. Number Harvesting
        3. Call Pattern Tracking
        4. Conversation Eavesdropping and Analysis
      2. First, Gain Access to the UC Traffic
        1. Compromising a Network Node
      3. Now That We Have Access, Let’s Sniff!
      4. Summary
      5. References
    3. 11 UC Interception and Modification
      1. ARP Poisoning
        1. ARP Poisoning Attack Scenario
      2. Application-Level Interception Techniques
        1. How to Insert Rogue Applications
        2. SIP Rogue Application
      3. Summary
      4. References
    4. 12 UC Network Infrastructure Denial of Service (DoS)
      1. Call and Session Quality
        1. Measuring UC Call Quality
        2. Network Latency
        3. Jitter
        4. Packet Loss
        5. UC Call Quality Tools
      2. What Are DoS and DDoS Attacks?
      3. Flooding Attacks
      4. Network Availability Attacks
      5. Supporting Infrastructure Attacks
      6. Summary
      7. References
    5. 13 Cisco Unified Communications Manager
      1. Introduction to the Basic Cisco UC Components
        1. IP PBX and Proxy
        2. Hard Phones
        3. Softphones
        4. Voicemail
        5. Switches and Routing
        6. Communication Between Cisco Phones and CUCM with SCCP
        7. Basic Deployment Scenarios
      2. Network Reconnaissance
        1. Sniffing
        2. Scanning and Enumeration
      3. Exploiting the Network
      4. Summary
      5. References
  13. Part IV UC Session and Application Hacking
    1. Case Study: An Attack Against Central SIP
    2. 14 Fuzzing, Flooding, and Disruption of Service
      1. Access to SIP and RTP
      2. What Is Fuzzing?
        1. Vulnerabilities 101
        2. Who’s Fuzzing?
      3. Flooding
      4. Summary
      5. References
    3. 15 Signaling Manipulation
      1. Registration Manipulation
        1. Registration Removal
        2. Registration Addition
        3. Registration Hijacking
      2. Redirection Attacks
      3. Session Teardown
      4. SIP Phone Reboot
      5. Other Signaling Manipulation Tools
      6. Summary
      7. References
    4. 16 Audio and Video Manipulation
      1. Media Manipulation
        1. Audio Insertion and Mixing
        2. Video Dropping, Injection, and DoS with VideoJak and VideoSnarf
      2. Media “Steganophony”
      3. Summary
      4. References
    5. 17 Emerging Technologies
      1. Other Enterprise UC Systems
        1. Microsoft Lync
      2. Over-the-Top (OTT)/Internet Softphone Applications
        1. Skype
      3. Mobility and Smartphones
        1. Security
      4. Other Forms of Communications
        1. Video
        2. Text Messaging
        3. Messaging
        4. Enterprise Messaging
        5. Social Networking
      5. Bring Your Own Device (BYOD)
        1. Security
      6. The Cloud
        1. Hosted UC
        2. Security
      7. WebRTC
        1. Security
      8. Summary
      9. References
  14. Index