Despite warnings that VoIP is vulnerable to a new breed
of attacks, the biggest threat to it remains weaknesses in general
network security, according to a presentation at the RSA
conference.
Although experts are aware of possible attacks that could be
made against VoIP protocols; worms, viruses and other exploits that
take down servers or congest networks are the real exploits that
hurt VoIP, said David Endler, chairman of the VoIP Security
Alliance (VoIPSA) and director of security research for 3Com's
TippingPoint division.
Analysis of IP voice components is key to keeping VoIP networks
secure, said Endler. For instance, some IP PBXs are based on
Windows, so any security flaws in Windows are security flaws in the
voice network.
Users should also check the management platforms of IP voice
gear, Endler added. Some use the TFTP protocol, which requires no
authentication, so hackers could glean information about the VoIP
network that could be valuable in itself or provide information for
future attacks.
Attacks against VoIP in particular will probably arrive soon,
Endler said, but no one can be sure when. One likely form of attack
will be fuzzing, the practice of sending malformed packets within
VoIP protocols. For example, putting a string of integers in a
packet when the protocol expects letters might cause IP PBXs to
shut down.
To protect VoIP networks, Endler recommends:
• Patching gear regularly against known threats
• Changing default passwords on all gear
• Following suppliers’ checklists for securing gear when
installed
• Using intrusion prevention gear
• Using VoIP aware firewalls to protect IP PBXs
Here’s another alternative: don’t use VoIP!