Despite warnings that VoIP is vulnerable to a new breed of attacks, the biggest threat to it remains weaknesses in general network security, according to a presentation at the RSA conference.
Although experts are aware of possible attacks that could be made against VoIP protocols; worms, viruses and other exploits that take down servers or congest networks are the real exploits that hurt VoIP, said David Endler, chairman of the VoIP Security Alliance (VoIPSA) and director of security research for 3Com's TippingPoint division.
Analysis of IP voice components is key to keeping VoIP networks secure, said Endler. For instance, some IP PBXs are based on Windows, so any security flaws in Windows are security flaws in the voice network.
Users should also check the management platforms of IP voice gear, Endler added. Some use the TFTP protocol, which requires no authentication, so hackers could glean information about the VoIP network that could be valuable in itself or provide information for future attacks.
Attacks against VoIP in particular will probably arrive soon, Endler said, but no one can be sure when. One likely form of attack will be fuzzing, the practice of sending malformed packets within VoIP protocols. For example, putting a string of integers in a packet when the protocol expects letters might cause IP PBXs to shut down.
To protect VoIP networks, Endler recommends:
• Patching gear regularly against known threats
• Changing default passwords on all gear
• Following suppliers’ checklists for securing gear when installed
• Using intrusion prevention gear
• Using VoIP aware firewalls to protect IP PBXs
Here’s another alternative: don’t use VoIP!