Being in Malaysia myself this week, I stumbled across this article by the Grugq in the Malaysia Star. It’s quite a nice roundup of the coming threats in the VoIP world. The mention of phone freakers brought back a thought I had a few weeks ago. Before digital networks, phone phreakers were able to play tones down the phone handset (using a Blue Box), emulating the tones used by the telco themselves, and this allowed them to get free calls and mess around with the network.
With digital networks, all the signalling started to be done with SS7, carried on a parallel network dedicated to signalling traffic.  SS7 doesn’t extend to the phone handset, so suddenly phreakers were out of business. This has been great for telcos, since the SS7 net was isolated and pretty safe from evildoers.
In some ways with VoIP, we’ve now gone back the other way. Now all the VoIP signalling protocols, as well as the voice, go to the handset. This allows phreakers to send any kind of message (SIP, H323 etc) they like into the net, to see what the result is. This is a much worse proposition for the telcos, since they now need to make sure their edge switches are stable, secure, and as far as possible invulnerable to poorly formed messages, or floods of messages. Today, it’s not a huge problem, but with Next Generation Networks (like IP Multimedia Subsystem or IMS) an awful lot of work is going to be needed to make the networks safe from attackers.
The Grucq is speaking at the HITB Security Conference in Malaysia, as is security guru Bruce Schneier.