Book description
Voice over Internet Protocol (VoIP) networks have freed users from the tyranny of big telecom, allowing people to make phone calls over the Internet at very low or no cost. But while VoIP is easy and cheap, it's notoriously lacking in security. With minimal effort, hackers can eavesdrop on conversations, disrupt phone calls, change caller IDs, insert unwanted audio into existing phone calls, and access sensitive information.
Hacking VoIP takes a dual approach to VoIP security, explaining its many security holes to hackers and administrators. If you're serious about security, and you either use or administer VoIP, you should know where VoIP's biggest weaknesses lie and how to shore up your security. And if your intellectual curiosity is leading you to explore the boundaries of VoIP, Hacking VoIP is your map and guidebook.
Hacking VoIP will introduce you to every aspect of VoIP security, both in home and enterprise implementations. You'll learn about popular security assessment tools, the inherent vulnerabilities of common hardware and software packages, and how to:
Identify and defend against VoIP security attacks such as eavesdropping, audio injection, caller ID spoofing, and VoIP phishing
Audit VoIP network security
Assess the security of enterprise-level VoIP networks such as Cisco, Avaya, and Asterisk, and home VoIP solutions like Yahoo! and Vonage
Use common VoIP protocols like H.323, SIP, and RTP as well as unique protocols like IAX
Identify the many vulnerabilities in any VoIP network
Whether you're setting up and defending your VoIP network against attacks or just having sick fun testing the limits of VoIP networks, Hacking VoIP is your go-to source for every aspect of VoIP security and defense.
Table of contents
-
Hacking VoIP Protocols, Attacks, and Countermeasures
- ACKNOWLEDGMENTS
- INTRODUCTION
- 1. AN INTRODUCTION TO VOIP SECURITY
-
I. VOIP PROTOCOLS
-
2. SIGNALING: SIP SECURITY
- SIP Basics
- SIP Messages
- Making a VoIP Call with SIP Methods
- Enumeration and Registration
- SIP Security Attacks
- Summary
-
3. SIGNALING: H.323 SECURITY
- H.323 Security Basics
-
H.323 Security Attacks
- Username Enumeration (H.323 ID)
- H.323 Password Retrieval
- H.323 Replay Attack
- H.323 Endpoint Spoofing (E.164 Alias)
- E.164 Alias Enumeration
- E.164 Hopping Attacks
- Denial of Service via NTP
- Denial of Service via UDP (H.225 Registration Reject)
- Denial of Service via Host Unreachable Packets
- Denial of Service via H.225 nonStandardMessage
- Summary
- 4. MEDIA: RTP SECURITY
- 5. SIGNALING AND MEDIA: IAX SECURITY
-
2. SIGNALING: SIP SECURITY
-
II. VOIP SECURITY THREATS
- 6. ATTACKING VOIP INFRASTRUCTURE
- 7. UNCONVENTIONAL VOIP SECURITY THREATS
- 8. HOME VOIP SOLUTIONS
- III. ASSESS AND SECURE VOIP
- About the Author
- COLOPHON
Product information
- Title: Hacking VoIP
- Author(s):
- Release date: October 2008
- Publisher(s): No Starch Press
- ISBN: 9781593271633
You might also like
book
Hacking Exposed Unified Communications & VoIP Security Secrets & Solutions, 2nd Edition
The latest techniques for averting UC disaster Establish a holistic security stance by learning to view …
book
Securing VoIP
Securing VoIP: Keeping Your VoIP Network Safe will show you how to take the initiative to …
book
Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures
In Securing VoIP Networks, two leading experts systematically review the security risks and vulnerabilities associated with …
book
Firewalls and Internet Security: Repelling the Wily Hacker, Second Edition
The best-selling first edition of became the bible of Internet security by showing a generation of …