Today here at VoiceCon in San Francisco, Dave Endler and Mark Collier (both of whom are involved with VOIPSA) gave a 3-hour tutorial on “IP Telephony Security Threats and Countermeasures”. For those who have read Dave and Mark’s “Hacking Exposed: VoIP” book, the tutorial followed the overall flow of the book. They began with Dave talking about gathering information about a target, using scanning, enumeration, Google-hacking, etc. Dave continued with talking about attacking the network through DoS, eavesdropping and then network interception – and the appropriate countermeasures to defend against the attacks. After the break, Mark went into attacks against Avaya systems and appropriate countermeasures. Dave followed with a similar section on attacks and countermeasures for Cisco systems. Mark came back to talk about attacks against applications, fuzzing and ultimately social attacks such as SPIT and voice phishing. Mark also spent a good amount of time talking about the various tools they developed as part of the book. Mark noted that they have updated the tools available on hackingvoip.com and will be making more updates in the coming months.
In his section on attacking Avaya systems, Mark Collier stressed a point we’ve made here on this blog:
“It’s great to have encryption enabled for signaling and voice and to buy phones that support it. Encryption is great and I highly recommend it. But if you don’t disable telnet or change default passwords, all that secure encryption really isn’t worth much.”
All in all a great session for folks looking for an introduction to VoIP security attacks and appropriate countermeasures.