San Francisco, CA, October 29, 2008—Voice over Internet Protocol (VoIP) is an increasingly widespread new technology that allows users to escape the tyranny of big telecom and make phone calls over the Internet. But while VoIP may be cheap and convenient, it's notoriously lacking in security. With little effort, attackers can eavesdrop on conversations, disrupt phone calls, inject content into existing conversations, change caller IDs, and access sensitive information—all without the awareness of the VoIP users making the phone calls.
Hacking VoIP (No Starch Press, October 2008, 232 pp, ISBN 9781593271633) approaches VoIP security from two angles, explaining VoIP's many security holes to both hackers and administrators. The book raises awareness of the importance of VoIP security, describes potential attacks, explains VoIP's biggest weaknesses, and offers solutions for protecting against potential exposure and attacks. Readers learn how to defend against VoIP attacks as they explore issues with VoIP security and the boundaries of VoIP protocols.
"VoIP is fun, but it's remarkably easy to attack," said No Starch Press founder Bill Pollock. "People think that when they pick up the telephone they're on a secure line, but not when that call is being made over VoIP. Hacking VoIP demonstrates just how easy it is to attack VoIP, and how best to plug those security holes."
Hacking VoIP explains every aspect of VoIP security, discusses popular security assessment tools, and explores the inherent vulnerabilities of common hardware and software packages. Readers learn how to:
- Identify and defend against VoIP security attacks such as eavesdropping, audio injection, caller ID spoofing, and VoIP phishing
- Audit VoIP network security and assess the security of enterprise-level VoIP networks such as Cisco, Avaya, and Asterisk and home implementations like Yahoo! and Vonage
- Use VoIP protocols like H.323, SIP, RTP, and IAX
- Locate potential vulnerabilities in any VoIP network
- Use both existing and newly released VoIP security tools
Whether setting up and defending VoIP networks against attacks or just having sick fun testing the limits of VoIP security, Hacking VoIP is every user's go-to source for VoIP security and defense.
For more information, to schedule an interview with the book's author, or for a review copy of Hacking VoIP, please contact Travis Peterson at No Starch Press (email@example.com, +1.415.863.9900, x300), or visit www.nostarch.com.
About the Author
Himanshu Dwivedi is a leading security expert and researcher. He is the coauthor of Hacking Exposed: Web 2.0 (McGraw-Hill) and Hacker's Challenge 3 (McGraw-Hill), as well as the author of Securing Storage (Addison Wesley) and Implementing SSH (Wiley). A founder of iSEC Partners, Dwivedi manages iSEC's product development and engineering, specialized security solutions, and the creation of security testing tools for customers.
Chapter 7: "Unconventional VoIP Security Threats" (PDF)
Table of contents overview
Detailed table of contents (PDF)
Large cover image
by Himanshu Dwivedi
October 2008, 232 pp
ISBN 9781593271633, $44.95 USD
About No Starch Press
Founded in 1994, No Starch Press is one of the few remaining independent technical book publishers. We publish the finest in geek entertainment—unique books on technology, with a focus on Open Source, security, hacking, programming, alternative operating systems, and LEGO. Our titles have personality, our authors are passionate, and our books tackle topics that people care about. See http://www.nostarch.com/ for a complete catalog. (And most No Starch Press books use RepKover, a lay-flat binding that won't snap shut.)
O’Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O’Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying “faint signals” from the alpha geeks who are creating the future. An active participant in the technology community, the company has a long history of advocacy, meme-making, and evangelism.