[VOIPSEC] Voipsec Digest, Vol 10, Issue 8

Mon Oct 10 08:39:33 BST 2005

Hi all,

> ------------------------------
>
> Message: 6
> Date: Wed, 5 Oct 2005 14:26:39 -0600
> From: Rick.Wanner at sasktel.sk.ca
> Subject: [VOIPSEC] Pen Testing VOIP
> To: Voipsec at voipsa.org
> Message-ID:
> <OF9DD15BB7.D95003CA-ON06257091.007011CE-06257091.00704D84 at sasktel.sk.ca>
>
> Content-Type: text/plain; charset="US-ASCII"
>
> Does anyone have any recommendations for tools that may be useful when
> performing a PenTest in a VOIP infrastructure?  I am mostly interested in
> tools which can be used to validate and exercise the VOIP protocols
> themselves.
>
> Thanks
> Rick
>
>

You might have a look at SIVUS, it's pretty good....

http://www.vopsecurity.org/html/tools.html

Radu

> ------------------------------
>
> Message: 7
> Date: Wed, 05 Oct 2005 11:01:45 -0400
> From: Lou Barsony <barsony at ieee.org>
> Subject: [VOIPSEC] VoIP Book
> To: voipsec at voipsa.org
> Message-ID: <BAYC1-PASMTP01FD555D307B05FF33C9F093820 at CEZ.ICE>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
>
> Has anyone read -
>
> *Voice Over Internet Protocol (Voip) Security*
> by James F., PhD Ransome
>
<http://www.amazon.ca/exec/obidos/search-handle-url/index=books-ca&field-aut
hor=Ransome%2C%20James%20F.%2C%20PhD/701-4020216-5313160>
> (Author), John, PhD Rittinghouse
>
<http://www.amazon.ca/exec/obidos/search-handle-url/index=books-ca&field-aut
hor=Rittinghouse%2C%20John%2C%20PhD/701-4020216-5313160>
> (Author) ?
>

I've read it. It's the only book an VOIP security, such that it's worth
reading. However, rhe contents is quite scattered and the logical flow is
sometimes difficult to follow.  It looks more like a catalogue of problems
and solutions. Also, the book addresses also general network level security
and not only the VOIP part. The 7 th. chapter is very good for the VOIP
security and you can find it  here:
http://searchenterprisevoice.techtarget.com/searchEnterpriseVoice/downloads/VoIPsecurityChap7.pdf

 Radu