[VOIPSEC] [SearchSecurity.com] Better VoIP training needed, SANS director says
shawnmer at gmail.com
Thu Dec 7 17:13:43 GMT 2006
Wow, Stephen Northcutt kinda throws down here...
TechTarget: A new item on this year's list is the VoIP threat. What
is the SANS Institute doing to bolster awareness in this area?
Northcutt: This is my single-greatest failure. We don't have the kind
of intensive "here's what the packets look like" training that's
needed. The problem is just massive. A technology like this never
should have been rolled out without more thought to security. If I had
my way, I would have the creators of VoIP stop everything and redesign
this with security in mind from the get-go.
...Run VoIP as a separate cable, where you'd have one cable for data
and another for voice...
More information about the Voipsec