[VOIPSEC] [SearchSecurity.com] Better VoIP training needed, SANS director says
Simon Horne
s.horne at packetizer.com
Mon Dec 11 14:32:36 GMT 2006
Diana
As I know you are aware, the final drafts of the standards for H.323 (which
are almost identical to the ITU documents) are freely available and have
been for many years.
http://www.packetizer.com/voip/h323/standards.html
I'm not here to debate protocols or how easy they are to implement or not;
leave that for a developers' debate. We are talking about security (on a
VoIP security list) and how having a security framework built into the
protocol from the very beginning makes securing that protocol in the future
a lot easier.
Simon
At 09:53 PM 11/12/2006, you wrote:
>Hello Simon,
>
>Do you know why people are quitting H.323?
>Because the standards are closed, which means that we have to buy them in
>order to implement them. The second reason is because they are limited. Maybe
>you like to have a protocol that rotates the camera, and it seems so damn
>cool, but I like a solution that can handle 10000 connections on a server
>and it can have conferences and everything I can dream of.
>Maybe you like and you understand H.323, but I'm scared every time I
>have to introduce some new H.323 feature in Yate, so the testing procedure
>for H.323 is the most complicated we have in Yate.
>Implementing SIP is like a walk in the park compared with H.323, and
>Jabber/Jingle is like a warm spring day.
>And I didn't mention IAX, which, because it has both signaling and data in
>the same protocol, is like having a warm jacuzzi during a cold winter day
>to implement security for it.
>Maybe PSTN compatibility is important for you. But that's so '90s. And
>I've started to do VoIP in the 21st century.
>
>Diana Cionoiu
>
>Simon Horne wrote:
>
>>
>>Diana
>>
>>I totally agree, security is not a mainstream issue until it starts to
>>become an issue, then of course it's all too late.
>>
>>On the topic of IM have you had a chance to read my proposal and working
>>document H.460.tm (Text Messaging)
>>http://www.packetizer.com/voip/h323/doc_status.html
>>It is completely backwards interoperable. You can have two softphones
>>connected to an old Cisco network and be able to exchange text messages
>>between each other. Gives you something to think about :-)
>>
>>
>>>P.S. In H.323 half of the bugs have been in the ASN.1 parser, because that
>>>protocol is too difficult to implement.
>>
>>
>>This is a kinda funny statement to make given your previous post on the
>>topic..:-) There are quite a few (as you know) very good ASN.1 parsers
>>available, both open source and for purchase. For instance it took
>>me no more than about 5 minutes (serious) to upgrade my code from H.323v5
>>to H.323v6 using an open source ASN.1 C++ parser and ASN.1 definitions
>>straight out of the standards documents. Once you have a decent parser
>>then building is just a snap. Understanding how it all works is a
>>different story. The protocol is extremely complicated (in some areas
>>overly complicated) but it was designed to accommodate most requirements
>>of a VoIP system, including PSTN interoperability and a security framework,
>>from the very beginning. Trying to add these features later on can be
>>just as difficult or more difficult to implement.
>>
>>I personally have used the existing security framework of H.323 to
>>embed digital certificates for authentication, Diffie-Hellman keys
>>for media encryption, caller credentials (username/password) for border
>>call admission etc. into pre-existing standard signalling messages and
>>successfully deployed these devices interoperably in pre-existing H.323
>>networks. This isn't rocket science: if a flexible security framework
>>exists then with a bit of effort it is possible; if it does not, then
>>securing that VoIP network is, at best, a difficult and potentially costly
>>wholesale upgrading endeavour or, at worst, a worthless, completely broken
>>mess like email.
>>
>>
>>Simon
>>
>>At 12:51 AM 11/12/2006, Diana Cionoiu wrote:
>>
>>>Hello Simon,
>>>
>>>This is why we decided to support Jingle in Yate. Jingle has the
>>>advantage that it has a mechanism that works against spam (the dialback
>>>system existing in Jabber), better than any other VoIP protocol that i
>>>know, and it also has support for IM, and gateways to the main existing
>>>networks, and probably in the future we will be able to build gateways
>>>for audio.
>>>In the end I can say that I do hope for better networks, but security
>>>has never been a mainstream issue, and I doubt it will become one very soon.
>>>So any protocol that wants to have a chance these days has to provide
>>>more than security.
>>>
>>>Diana Cionoiu
>>>
>>>P.S. In H.323 half of the bugs have been in the ASN.1 parser, because that
>>>protocol is too difficult to implement.
>>>
>>>Simon Horne wrote:
>>>
>>>>I have to agree with Richard, those on this list know there are
>>>>currently functioning, workable VoIP solutions (and have been for many
>>>>years) which have security built in from the get-go including SMA and
>>>>H.323. You can't blame the programmer if the protocol he/she has to
>>>>work with does not have the native capacity to support the required
>>>>security the programmer is trying to program. It's not the programmer's fault.
>>>>
>>>>Let's be honest. The market has chosen to adopt a protocol which is very
>>>>difficult to secure (as it has no native security support itself). That
>>>>choice may come back to haunt the entire industry.
>>>>
>>>>Simon