[VOIPSEC] Special TECHtionary.com TECH-Tip - Phishing and Vishing

Thu Jul 13 10:05:37 CDT 2006

TECHtionary.com TECH-Tip - Phishing and Vishing

The archive animated TECH-Tip tutorial is available at  

http://www.techtionary.com/members/slides/s/smtp.swf

Phishing is term applied to hackers who lure users into sending personal
information via mail.  Disguised at a bank, credit card or other fraud
alert, unsuspecting users provide their real credit information which is
then used for theft.  Vishing is the phishing term being applied to VoIP
where unsuspecting users are sent voice mails to call telephone number which
appears to be a bank but is spoofed to a thief.  The animated explanation
explains how the process is easily done.  Essentially, the Hacker simulates
or "spoofs" a friendly IP address.  Routers respond with LSAck-Link-State
Acknowledgements.  LSA Database advertisements are sent to routers
throughout the network.  Routers Update their Route Tables.  Router then
change from Loading State to Full State and begin IP Datagram packet routing
distributing SPIT or "phishing" email "vishing" calls to IP phones.  Vishing
for telephone telephones will occur in many ways such as the way a spambot
operates.  A spambot is a search engine program that searches the internet
like search engines do.  However, the function of the spambot is to
return-retrieve email addresses found on most web sites, list-servs,
user-groups and such as those found in Contacts/Info categories.  In
addition, Spambots can makeup/create email addresses from web site
information such as webmaster at abc.com, president at abc.com.

Spam works like this.  An SMTP "open relay" email server is a server that
allows any other server connects to it and relay-forward email.   A properly
configured (protected) email server will only allow authorized users
(customers) to send email.   The ISP-Internet Service Protocol or online
service that provides (hosts) email should guard against relay email.
Anonymous re-emailers are open relay servers that strip out (remove) the
email or IP-Internet Protocol header info (address) and replace it with
bogus (false) information to avoid trace backs (via trace route software).

Since this tutorial focuses on VOIP Security, please see other
http://www,.techtionary.com tutorials on IP Security or SS7.  In VOIP
security, there are two primary network issues - Signaling Path (in green)
and Media Path (in purple).  The Signaling Path shown here comes from
control of TCP-Transmission Control Protocol issues explained next.  Media
Path control comes from protection of the conversation contained in
IP-Internet Protocol packets.    SPAM or SPIT hackers can attack either the
Signaling Path or Media Path to add messages, redirect messages to other
sites or intercept and corrupt voice messages.

TECHtionary.com produces animated sales brochures, virtual installation
manuals and animated web infomercials.  The company has more than 2,800 free
tutorials on data, internet, wireless, Voice over Internet Protocol, PBX
Systems, central office switching, protocols, telephony, telecommunications,
networking, routing, IPTV, WiMax, power systems, broadband, WiFi-wireless
fidelity and other related technologies available at
http://www.techtionary.com <http://www.techtionary.com/> .  Thomas Cross is
a magazine columnist many key technology publications and a member of the
Technical Board of Advisors for the VoIP-Security Alliance. 

He can be reached at 303-594-1694, or cross at gocross.com