[VOIPSEC] Softphone Security

Ari Takanen art at codenomicon.com
Sat Oct 15 11:46:43 CDT 2005 

Hello all,

I would add:

5. Malware that affects the VoIP software will affect all other
   applications on the PC and data services available to that PC (a
   separated VoIP phone would not require access to file services,
   databases, intraweb, ...)

6. Any special permissions that the VoIP application has over firewall
   rules will apply to all applications on that desktop
   (e.g. peer-to-peer software will use SIP for bypassing the security
   policy, which interestingly relates to earlier discussion on
   analyzing the real data content inside the RTP streams)

7. Reliability problems (robustness, load, stress) in data services
   will not disturb voice, and vice versa.

I hope this was relevant to you.

/Ari Takanen
 Codenomicon Ltd. - Robustness and Security Testing Tools
 http://www.codenomicon.com


On Fri, Oct 14, 2005 at 04:26:27PM -0400, Porter, Thomas (Tom) wrote:
> If anyone has thoughts or experiences w/ softphone security, I'd be interested in hearing them...
> 
> >From my POV, the threats that are particular to softphone use include:
> 1.	Many softphones contain advertising software that "phones home" with private user information.
> 2.	Softphones require that PC-based firewalls open a number of high UDP ports as part of the media stream transaction
> 3.	Malware that affects any other application software on the PC can also interfere with voice communications
> 4.	Because a softphone resides on a PC, the principle of logically separating voice and data networks is defeated as the PC must reside in both domains.
> 
> 	Point 1 is easy to deal with. Points 2 & 3 are slightly more troubling, but if the PC is secure enough for email & IM, a softphone should not add too much more risk.  Point 4 is troubling.
> 
> 	Thanks, Tom
> 
> 
> Thomas Porter, PHD
> Lead Security Architect
> Avaya Services Research & Development        
> tporter at avaya.com    
> [O] 919.967.2909
> [Cell - USA] 919.593.3130
> [Cell - Germany] +49.0163.505.9150
> [SIP] 919.951.0052
> [IM] AvayaTPorter 
> 
> 
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

-- 
-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-
Ari Takanen                       Codenomicon Ltd.
ari.takanen at codenomicon.com       Kaitovayla 1
tel: +358-40 50 67678             FIN-90570 Oulu
http://www.codenomicon.com        Finland
PGP: http://www.codenomicon.com/codenomicon-key.asc
-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-

More information about the Voipsec mailing list