[VOIPSEC] [SearchSecurity.com] Better VoIP training needed, SANS director says

Shawn Merdinger shawnmer at gmail.com
Thu Dec 7 17:13:43 GMT 2006


Wow, Stephen Northcutt kinda throws down here...


TechTarget:  A new item on this year's list is the VoIP threat. What
is the SANS Institute doing to bolster awareness in this area?

Northcutt: This is my single-greatest failure. We don't have the kind
of intensive "here's what the packets look like" training that's
needed. The problem is just massive. A technology like this never
should have been rolled out without more thought to security. If I had
my way, I would have the creators of VoIP stop everything and redesign
this with security in mind from the get-go.


...Run VoIP as a separate cable, where you'd have one cable for data
and another for voice...



More information about the Voipsec mailing list