
VoIP VULNERABILITIES

CCIP INFORMATION NOTE | ISSUE 06


Matthew Hurley, January 07
The following report outlines characteristics of Voice over Internet Protocol (VoIP).
It explains the benefits and history of VoIP. Then it describes current VoIP standards
and the security risks and vulnerabilities that surround the technology. In addition,
particular attention is drawn to Skype, currently the most popular VoIP application
in use today.
Table of Contents

Introduction
VoIP Benefits
VoIP History
VoIP Standards
H.323
Session Initiation Protocol (SIP)
VoIP Vulnerabilities
Risks & Vulnerabilities Inherited from IP
Risks & Vulnerabilities Associated with VoIP
Risks & Vulnerabilities Specific to VoIP
Skype
Conclusion
Disclaimer Information


Introduction

VoIP is defined as the ability to make telephone calls, send faxes and carry out video-conferencing over IP based networks. This is achieved by utilising current VoIP standards and protocols such as H.323, Session Initiation Protocol (SIP), and Skype to convert analogue signals into digital data that can be transmitted over the Internet. VoIP offers a number of benefits including increased flexibility and reduced overheads to any organisation that is willing to change its voice networks from the traditional circuit switched network to that of the packet switched network utilised by VoIP.

Even though the traditional Public Switched Telephone Network (PSTN) has proven to be highly reliable over the past 135 years, VoIP is seen as a more promising alternative. This is because VoIP is more effective when utilizing available bandwidth and also allows for more efficient network deployment models. Taking the above into account, it is not hard to understand that the number of VoIP subscribers has steadily increased to 18.1 million users worldwide as at the end of 2005¹. It has also been projected that the number of VoIP subscribers will more than double to 47 million subscribers by the end of 2006².

Like any new IT service, VoIP has a large number of inherent and associated security risks and vulnerabilities that can affect the reliability and availability of an organisation’s IT infrastructure. This is also one of the major issues slowing the uptake of VoIP. Therefore it is paramount for any organisation looking to incorporate VoIP to have a total understanding of the threats that they will be potentially introducing into their IP networks. This report classifies the risks and vulnerabilities of VoIP into three categories: those inherited from IP, those associated with VoIP, and those specific to VoIP. Firstly, an overview of the benefits of VoIP.

¹ http://clickz.com/showPage.html?page=3623253
² http://lw.pennnet.com/Articles/Article_Display.cfm?ARTICLE_ID=267354&p=13


VoIP Benefits

There are two major benefits to any organisation or business wanting to implement VoIP in their day-to-day operations. The first major benefit is the lower costs associated with VoIP when compared to that of the traditional PSTN. The main reasons VoIP is considered more economical include:

• Reduced cost of phone calls: The costs of phone calls via VoIP are minuscule when compared to equivalent calls made over the traditional PSTN. This is because VoIP takes advantage of existing WAN connectivity to remote locations over a dedicated data network or the Internet, thus avoiding any long-distance toll-call charges.

• Reduced maintenance and capital costs: VoIP is based on software rather than purely hardware, therefore it is easier to alter and maintain. Furthermore deploying a VoIP network can be less expensive when compared with the costs of deploying a Private Branch Exchange (PBX).

• Simplified infrastructure: Because VoIP utilises the same infrastructure as your data network it is possible to converge the two, thus simplifying the operation and management of the network. This is also advantageous from a cost perspective as a single network can carry both voice and data.

The financial gain provided by VoIP obviously depends on the size of the business and how that particular business operates. One particular business case, provided by Deloitte’s New Zealand, showed the initial VoIP setup cost for a medium sized business of 350 employees would be close to $225,000. This figure includes an incremental capital investment of $125,000 as it would approximately cost $100,000 to replace the existing analogue system. Once installed the system would facilitate call savings of at least $5,000 a year. However consultants in the industry state that call savings are only a small part of the overall benefits gained by a VoIP system. The major benefits come from the simplified infrastructure and with it the reduced management and maintenance costs.

The second major benefit of VoIP is increased flexibility and location independence. These additional benefits emphasize the advantages to be gained by any organisation implementing the technology and show that VoIP is more than simply just a way to reduce expenditure. They include:

• Improved flexibility: VoIP allows for new helpful features like ‘click-to-call’ that enable a user to simply click a URL while browsing a web page that will initiate a call over a VoIP network to an attendant.

• Improved productivity: A Virtual Private Network (VPN) combined with VoIP can be used to set up a fully functioning office anywhere there is a broadband connection. Furthermore VoIP treats voice as if it were any other kind of data, so users can attach documents to voice messages or participate in virtual meetings using shared data and videoconferencing.

• Location Independence: This allows an individual to have incoming phone calls automatically routed to their office or personal VoIP phone number regardless of location. This is because when using a VoIP network, the user only needs to be able to register their location with the VoIP server to be able to receive calls.


VoIP History

The history of VoIP dates back to 1964 when Paul Baran wrote the first paper on secure packetised voice. However, it was not until thirty-one years later in 1995 that the first internet phone software ‘Vocaltec’ was released. Coincidentally it was in May of the same year that the International Telecommunications Union (ITU) initiated work on the H.323 standard. The next major development in VoIP occurred in September of 1999 when work was commenced on the popular SIP by the Internet Engineering Task Force (IETF). SIP was then accepted as a 3rd Generation Partnership Project (3GPP) signalling protocol in November 2000. The following year Microsoft incorporated VoIP into Windows XP Messenger using SIP. This was closely followed by the founding of Vonage, which is a leading provider of broadband telephone services with over 2 million subscribers in 2006. The last major development in VoIP came in August of 2003 with the release of Skype.


VoIP Standards

There are two major non-proprietary standards used for VoIP communications by many VoIP software applications. They are H.323 and Session Initiation Protocol (SIP).


H.323

H.323 is a protocol suite specified by the ITU that lays a foundation for IP based real-time communications including audio, video and data. H.323 was designed to handle call setup and tear-down functions and can use both TCP and UDP as a transport mechanism. Security within the H.323 protocol is achieved by the H.235 protocol, which incorporates four security goals including authentication, integrity, privacy, and non-repudiation. These goals are provided through four mechanisms, namely: configuration, authentication, key exchange, and encryption.

Security concerns within H.323 arise as many of the protocols use random ports causing problems securing them through firewalls. This may be mitigated by using direct routed calls, however since the ports required for H.323 are not defined, a filtering firewall would require all possibly-needed ports left open, thus allowing multiple entry points to be exploited by malicious users.


Session Initiation Protocol (SIP)

Session Initiation Protocol is a signalling protocol specified by the IETF, used to set up and tear down two-way communications sessions. Security in SIP is similar to H.323 and aims to achieve confidentiality, message integrity, non-repudiation, authentication and privacy. SIP has a security advantage over H.323 as it uses only one port (traditionally TCP and UDP port 5060). However because SIP operates at the application level, no new security mechanisms were created. Instead SIP’s security is achieved by utilising the security mechanisms provided by HyperText Transfer Protocol (HTTP), Simple Mail Transfer Protocol (SMTP), and Internet Protocol Security (IPSec).

One of the main security concerns for SIP is that HTTP Digest does not provide adequate integrity, and spoofing of the header would be easily accomplished without employing S/MIME (Secure/Multipurpose Internet Mail Extension). The use of S/MIME for encryption also adds another issue as it uses public key infrastructure, thus making it difficult for users moving between devices as certificates are associated with users. Lastly the text encoding of SIP makes it easier to analyse using standard parsing techniques. The security issues of SIP are highly apparent as there have been over 20,000 uniquely identifiable threats launched against SIP networks in the last two years.

A common security issue for both VoIP standards comes through the use of NAT (Network Address Translation). NAT poses a problem for both H.323 and SIP as it is designed to hide the IP address on the internal network from the public network, thus causing a disruption firstly, in the ‘setup next’ procedure used by each protocol within the H.323 suite and secondly, inhibiting SIP’s registrations and communication mechanisms. It is possible to resolve NAT issues when using VoIP but this usually requires innovative solutions.

³ G. S Sipera, Comprehensive VoIP Security for the Enterprise: Not Just Encryption & Authentication, Sipera (March 2006)


VoIP Vulnerabilities

As VoIP is an IP based technology that utilises the Internet it also inherits all associated IP vulnerabilities. The impact of these Internet-borne attacks is then multiplied by the VoIP architecture as it adds a number of additional weaknesses, which require further work to secure and maintain. Furthermore, adding any new service to an inadequately secured environment is like piercing holes in an already-leaky boat. The following paragraphs describe the risks and vulnerabilities of VoIP that are firstly, inherited from IP, secondly, associated with VoIP, and lastly, specific to VoIP.


Risks & Vulnerabilities Inherited from IP

Poor Architectural Design

Poor or inadequate architecture can lead to ongoing difficulties in the operation and security of a VoIP system. Firewalls are particularly vulnerable areas in a VoIP network as they require additional ports to be opened to facilitate VoIP traffic. Non VoIP-aware firewalls may lack dynamic interaction with VoIP so they simply leave a range of ports continually open for call activity.

PBX Hosts & Gateways

Most service interceptions and eavesdropping attacks will usually require the compromise of a PBX as a means of network access. A compromised host or gateway can facilitate this by capturing voice packets to reveal information on all calls, call duration, and call parameters. This information will permit the mapping of VoIP, and possibly the supporting data networks.

Replay Attacks

A replay attack can be mounted against a VoIP network by retransmitting a legitimate session so that the recipient device reprocesses the data. The basis of a replay attack is to capture a valid packet, which can then be replayed into the network. This generally causes the target network to respond and provide more traffic to capture, eventually providing enough information to move to packet spoofing and masquerading, or simply finding an entry point into the target network for eavesdropping.

For example a replay attack could be used to gain access to a network by capturing and replaying a valid user ID and password, even though the captured data is encrypted and the attacker was unable to decrypt it.
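The replay case in the last paragraph, as an added example that is not part of the original note: a verifier that only checks that a login blob is genuine accepts a captured copy a second time, while one that binds each login to a single-use server nonce with a limited lifetime rejects it. HMAC-SHA256 stands in here for whatever protection the captured data carries; the key, user name and timings are constructed.

```python
import hashlib
import hmac
import os
import time

KEY = b"constructed-shared-secret"  # constructed key for the demonstration


def tag(key, *fields):
    """HMAC-SHA256 over length-prefixed fields, so field boundaries are unambiguous."""
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(key, msg, hashlib.sha256).digest()


class StaticVerifier:
    """Checks only that the login blob is genuine; nothing ties it to this session."""

    def __init__(self, key):
        self.key = key

    def accept(self, user, blob):
        return hmac.compare_digest(tag(self.key, user), blob)


class FreshnessVerifier:
    """Binds each login to a single-use server nonce with a limited lifetime."""

    def __init__(self, key, lifetime=30.0, clock=time.monotonic):
        self.key = key
        self.lifetime = lifetime
        self.clock = clock
        self.pending = {}  # nonce -> expiry time

    def challenge(self):
        nonce = os.urandom(16)
        self.pending[nonce] = self.clock() + self.lifetime
        return nonce

    def accept(self, user, nonce, blob):
        # pop() consumes the nonce on first sight, valid or not, so it cannot be reused
        expiry = self.pending.pop(nonce, None)
        if expiry is None or self.clock() > expiry:
            return False
        return hmac.compare_digest(tag(self.key, user, nonce), blob)


def run_demo():
    user = b"phone-2001"
    results = {}

    static = StaticVerifier(KEY)
    captured = tag(KEY, user)  # what a listener records; opaque to them, still replayable
    results["static_first"] = static.accept(user, captured)
    results["static_replay"] = static.accept(user, captured)

    now = [1000.0]  # controllable clock so the expiry case is deterministic
    fresh = FreshnessVerifier(KEY, lifetime=30.0, clock=lambda: now[0])
    nonce = fresh.challenge()
    captured = tag(KEY, user, nonce)
    results["fresh_first"] = fresh.accept(user, nonce, captured)
    results["fresh_replay"] = fresh.accept(user, nonce, captured)

    late_nonce = fresh.challenge()
    late = tag(KEY, user, late_nonce)
    now[0] += 31.0  # the reply arrives after the nonce has expired
    results["fresh_expired"] = fresh.accept(user, late_nonce, late)
    return results


if __name__ == "__main__":
    for name, accepted in run_demo().items():
        print(f"{name:14s} accepted={accepted}")
```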



Risks & Vulnerabilities Associated with VoIP

Packet Spoofing & Masquerading

Packet spoofing uses IP packets with a false source address that may be used for:

• obscuring the origin of the packet
• implicating another site or host as the attack originator
• masquerading as a trusted host
• interception or hijacking of network traffic
• directing responses to another host or system
• undertaking man-in-the-middle spoofing attacks

A major risk associated with packet spoofing and masquerading is identity theft. For example a man-in-the-middle spoofing attack, as shown in Figure 1, can be launched when a person makes a call, which includes sensitive information. As a result of the attack they may speak to the intended recipient; however, their call is being monitored by malicious users.

[Figure 1: diagram with Caller A, Caller B and Malicious User, showing the Intended Call Flow and the Resulting Call Flow]

Fuzzing

Fuzzing is a legitimate method of testing software systems for bugs and is accomplished by providing an application with semi-valid input to see what its reaction will be. This technique can be employed to exploit vulnerabilities in a target VoIP system and is achieved by sending messages so that the target system will assume the sent content is valid. In reality, the message is ‘broken’ or ‘fuzzed’, thus causing various failures to occur when the target system attempts to parse or process it. Resultant failures can include application delays, information leaks, and system crashes.

Reconnaissance Attacks

Reconnaissance Attacks are a form of intelligence gathering where networks are probed to ascertain their vulnerabilities. Methods used to achieve this include call walking and port scanning and are the first action undertaken by an attacker when attempting to penetrate a network. A successful probe would determine the behaviour of the network’s equipment, users, and services that might be available to be exploited or disrupted. This information could then be used to launch a focused attack against the network.

Reliability & Availability Challenges

To achieve constant real time voice communications, VoIP places a high priority on Quality of Service (QoS). However the reliability of voice and data networks is closer to 99.9%, which compares poorly against the 99.999% reliability that people have come to expect from the traditional PSTN. Even though this doesn’t appear to be a significant difference it equates to an additional downtime of 8.7 hours each year for VoIP. This could ultimately lead to the loss of human life if emergency services were required during this outage window.

Denial of Service (DoS)

DoS and Distributed Denial of Service (DDoS) attacks occur when a malicious user deliberately sends an exceedingly large amount of random messages to one or more VoIP end-points from either a single location (DoS) or from multiple locations (DDoS), as shown in Figure 2. Multiple locations are achieved through the use of zombies (compromised machines that could be woken upon request and used for malicious purposes). The DoS attack is successful when the amount of incoming messages exceeds the processing capacity of the target system, thereby exhausting system resources and thus, denying services to the end-users.

VoIP systems are especially vulnerable to DoS and DDoS attacks because of the high fundamental requirement that they place on QoS. Therefore less traffic or network disruption is required for a DoS attack to be successful when compared to mounting a DoS attack against a data network. A further consideration is needed where VoIP and data share the same network. Here the data network could also be subject to the same DoS attack. Examples of VoIP specific DoS attacks include identity spoofing and cancellation of pending call set up signals, also known as the SIP CANCEL DoS attack.

[Figure 2: two panels, “DoS Attack on End Point” (Malicious User, VoIP Phone) and “DDoS Attack on Call Server” (Malicious User, Zombies, VoIP Server)]
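One way to watch for the two VoIP-specific DoS patterns named above, as an added example that is not part of the original note: a per-source sliding-window counter over SIP requests, plus a check that a CANCEL for a pending INVITE comes from the address that sent the INVITE. The log format, thresholds and addresses are constructed, and the detector is assumed to sit at a single hop, where a genuine INVITE and its CANCEL share a source address.

```python
from collections import defaultdict, deque

# Constructed log, one SIP request per line: "<time s> <source ip> <method> <call-id>"
SAMPLE_LOG = """\
10.0 192.0.2.10 INVITE call-1
12.0 192.0.2.10 CANCEL call-1
13.0 192.0.2.20 INVITE call-2
13.4 203.0.113.5 CANCEL call-2
14.0 192.0.2.20 ACK call-2
20.0 203.0.113.9 INVITE flood-0
20.1 203.0.113.9 INVITE flood-1
20.2 203.0.113.9 INVITE flood-2
20.3 203.0.113.9 INVITE flood-3
20.4 203.0.113.9 INVITE flood-4
20.5 203.0.113.9 INVITE flood-5
20.6 203.0.113.9 INVITE flood-6
20.7 203.0.113.9 INVITE flood-7
"""


class SipDosDetector:
    def __init__(self, window=1.0, max_requests=5):
        self.window = window              # sliding window length in seconds
        self.max_requests = max_requests  # requests per source tolerated per window
        self.recent = defaultdict(deque)  # source -> request times inside the window
        self.last_rate_alert = {}         # source -> time of its last rate alert
        self.pending = {}                 # call-id -> source that sent the INVITE
        self.alerts = []                  # (time, source, reason)

    def observe(self, ts, src, method, call_id):
        # Rate check: keep only this source's requests from the last `window` seconds.
        times = self.recent[src]
        times.append(ts)
        while ts - times[0] > self.window:
            times.popleft()
        if len(times) > self.max_requests:
            last = self.last_rate_alert.get(src)
            if last is None or ts - last > self.window:  # one alert per window
                self.last_rate_alert[src] = ts
                self.alerts.append((ts, src, "rate"))

        # Call-state check: a CANCEL must come from the sender of the pending INVITE.
        if method == "INVITE":
            self.pending.setdefault(call_id, src)
        elif method == "CANCEL":
            owner = self.pending.get(call_id)
            if owner is not None and owner != src:
                self.alerts.append((ts, src, "cancel-foreign-source"))
            elif owner == src:
                del self.pending[call_id]
        elif method in ("ACK", "BYE"):
            self.pending.pop(call_id, None)  # call set up or ended: nothing left to cancel


def analyse(log_text, **settings):
    detector = SipDosDetector(**settings)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src, method, call_id = line.split()
        detector.observe(float(ts), src, method.upper(), call_id)
    return detector.alerts


if __name__ == "__main__":
    for ts, src, reason in analyse(SAMPLE_LOG):
        print(f"t={ts:5.1f} source={src:12s} alert={reason}")
```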



Risks & Vulnerabilities Specific to VoIP

CID Spoofing

One type of masquerading is based on the manipulation of Caller ID (CID), which is used to identify the caller before answering, and is known as CID spoofing. The CID is based on reported information from different carrier switches and is specified by the switch administrator in a VoIP environment. This allows an attacker to spoof their CID information with a text string or phone number they specify and could be used to give credibility to various malicious users undertaking social engineering attacks.

In addition to this, the option for CID privacy (i.e. the ability to obscure your phone number from the CID display) is not possible with VoIP, since the phone number is included in the SIP and H.323 header. This allows any attacker with an IP packet sniffer, such as tcpdump, to discover the remote caller’s phone number, even if their number has been marked as private by their service provider. Further, there are a number of CID spoofing service providers in the US that, for a small fee, allow users to choose the number they are calling from.

A recent example of CID spoofing was reported by SpoofCard.com, which is a company that sells enhanced calling cards that provide the CID spoofing ability. Coincidentally 50 customers’ accounts were cancelled, including Paris Hilton’s, due to customers abusing the CID spoofing feature to break into other people’s voice-mail accounts, listen to their messages, and even change the targeted user’s greetings⁴.

Phone Impersonation

Phone impersonation occurs due to the weak authentication process attributed to VoIP. There are two major contributors that consolidate this fact. Firstly, there is a limited human interface available for VoIP phones, limiting users to the selection of a numeric PIN for their password in lieu of a strong password based on the entire ASCII character set. Secondly, and this is related to the SIP standard, the authentication mechanism is based on the MD5 algorithm. An attacker who can sniff the entire SIP authentication exchange cannot observe the password sent in plain text, but can observe enough information to mount an offline dictionary attack against the password. The combination of these weaknesses allows passwords to be easily obtained by an attacker and then used to impersonate a phone or user.
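What the MD5-based digest exchange does and does not protect, as an added example that is not part of the original note; it serves both this section and the earlier remark that HTTP Digest does not provide adequate integrity. The response is computed as RFC 2617 defines it without qop; the account, realm, nonce, PIN and addresses are constructed, and the registrar is a minimal stand-in rather than any product's code.

```python
import hashlib
import hmac
import math

def md5_hex(text):
    return hashlib.md5(text.encode()).hexdigest()

def digest_response(username, realm, password, method, uri, nonce):
    """RFC 2617 response without qop: MD5(HA1:nonce:HA2)."""
    ha1 = md5_hex(f"{username}:{realm}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{ha2}")

def parse_request(raw):
    """Return (method, request_uri, [(header_name, value), ...])."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    method, uri, _version = lines[0].split(" ", 2)
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return method, uri, headers

def build_request(method, uri, headers):
    head = [f"{method} {uri} SIP/2.0"] + [f"{n}: {v}" for n, v in headers]
    return "\r\n".join(head) + "\r\n\r\n"

def digest_params(value):
    """Parse 'Digest k="v", ...'; the sample values contain no commas."""
    scheme, _, rest = value.partition(" ")
    if scheme.lower() != "digest":
        raise ValueError("not a Digest credential")
    params = {}
    for part in rest.split(","):
        key, _, val = part.strip().partition("=")
        params[key] = val.strip('"')
    return params

def registrar_accepts(raw, passwords):
    """Check the Authorization header as a digest-only registrar would."""
    method, uri, headers = parse_request(raw)
    auth = digest_params(dict(headers)["Authorization"])
    password = passwords.get((auth["username"], auth["realm"]))
    if password is None or auth["uri"] != uri:
        return False
    expected = digest_response(auth["username"], auth["realm"], password,
                               method, auth["uri"], auth["nonce"])
    return hmac.compare_digest(expected, auth["response"])

def headers_not_bound(raw, passwords):
    """Alter each header in turn; return those whose change still verifies."""
    method, uri, headers = parse_request(raw)
    unbound = []
    for i, (name, value) in enumerate(headers):
        if name == "Authorization":
            continue
        altered = headers[:i] + [(name, value + "-altered")] + headers[i + 1:]
        if registrar_accepts(build_request(method, uri, altered), passwords):
            unbound.append(name)
    return unbound

def visible_digest_inputs(raw):
    """Digest inputs readable on the wire; the password is the only one missing."""
    method, _uri, headers = parse_request(raw)
    auth = digest_params(dict(headers)["Authorization"])
    return {"method": method, **{k: auth[k] for k in ("username", "realm", "nonce", "uri")}}

def search_space_bits(alphabet_size, length):
    """log2 of the number of candidate secrets of this alphabet and length."""
    return length * math.log2(alphabet_size)

# Constructed account, nonce and addresses (documentation ranges and .test names)
REALM, URI, NONCE = "pbx.example.test", "sip:pbx.example.test", "f1b2c3d4e5"
PASSWORDS = {("2001", REALM): "4821"}  # numeric PIN, as entered on a handset keypad

def sample_register():
    response = digest_response("2001", REALM, "4821", "REGISTER", URI, NONCE)
    credential = (f'Digest username="2001", realm="{REALM}", nonce="{NONCE}", '
                  f'uri="{URI}", response="{response}"')
    return build_request("REGISTER", URI, [
        ("Via", "SIP/2.0/UDP 192.0.2.10:5060"),
        ("From", "<sip:2001@pbx.example.test>"),
        ("To", "<sip:2001@pbx.example.test>"),
        ("Call-ID", "constructed-call-id-1"),
        ("CSeq", "2 REGISTER"),
        ("Contact", "<sip:2001@192.0.2.10:5060>"),
        ("Authorization", credential),
    ])

if __name__ == "__main__":
    msg = sample_register()
    print("accepted as sent:", registrar_accepts(msg, PASSWORDS))
    print("headers outside the digest:", headers_not_bound(msg, PASSWORDS))
    print("on the wire:", sorted(visible_digest_inputs(msg)))
    print("4-digit PIN: %.1f bits" % search_space_bits(10, 4))
    print("8 printable ASCII chars: %.1f bits" % search_space_bits(95, 8))
```

Only the method and request URI enter the hash, so every other header needs a separate integrity mechanism, and because all inputs except the password travel in the clear, the size of the password space is the only thing protecting the credential.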

⁴ http://voipsa.org/blog/2006/08/28/paris-hilton-hacker-extraordinaire/

Eavesdropping

Eavesdropping is the unauthorised interception of voice packets or Real Time Protocol (RTP) media streams, and the decoding of signalling messages. It is a relatively simple attack to administer and tools such as network protocol analysers, sniffers and packet capture tools are freely available on the Internet. Wireshark is an example of a tool that can be used to capture VoIP traffic and reconstruct VoIP conversations.

A real world example of eavesdropping was publicised in July of 2005 where flaws were found in Cisco’s CallManager VoIP software. The flaw could be exploited by sending specially crafted packets to the Cisco CallManager that allowed an attacker to create a heap overflow and ultimately enable him to mount an eavesdropping attack.

Call Hijacking & Redirection

Call hijacking and redirection occurs when a call intended for one user is redirected to another. To achieve this, an attacker only needs to have knowledge of the user’s authentication credentials in order to impersonate and receive all calls intended for that user. Methods including spoofing of a node, man-in-the-middle attacks, and manipulation of call requests using signalling response codes make call hijacking and redirection relatively easy to instigate. Further to this, VoIP features including call forwarding and ‘follow-me’ also help facilitate the ability to route calls to specific phone numbers.

Call hijacking and redirection can also be used for financial gain. For example, call hijacking can be targeted by cyber-criminals who resell the calls. This is sometimes used as a money laundering channel from which organisations would only see an increase in bandwidth usage together with increased costs. Similarly, call redirection may also transit another system to collect data for later analysis or simply as a revenue gathering mechanism. In this case, the consequences may include the loss of sensitive information and service disruption.

Call hijacking was recently discovered in Miami by the US Federal government. In this particular case Edwin Pena sold discounted Internet phone services by hacking into other Internet phone providers and piggybacking connections through their networks unbeknown to them. In one three-week period a particular Internet phone provider received about 500,000 calls that were made to look like they had come from the investment company Rye Brook. Because of this, the victimised Internet phone provider was left having to pay $300,000 in connection fees for routing the phone traffic to other carriers without receiving any revenue for the calls.

⁵ http://www.techweb.com/wire/security/165702369
⁶ http://voipsa.org/blog/2006/06/07/hacker-cracks-net-phone-providers-for-gain/


VoIP Spam

VoIP SPAM or Spam over Internet Telephony (SPIT) is the unsolicited and unwanted bulk messages broadcast over VoIP to particular end users. Not only could this be extremely annoying (especially when time zones are taken into consideration), it also has the potential to be rather costly where, for example, calls are forwarded to mobile phones. Another issue arises with SPIT and the fact that high-volume bulk calls routed over IP are very difficult to trace and have the inherent capacity for fraud, unauthorised resource use, and privacy violations.

Voice mail bombing is a form of SPIT where multiple (this may entail hundreds or even thousands of) voice mail messages flood voice mail boxes. This attack could result in service disruption or a denial of service attack.

The first real widespread phishing attack utilising VoIP was launched in June 2006 against customers of the Santa Barbara Bank & Trust in Southern California. Targets of the scam were sent an official looking email warning them that their bank account had been locked as a security measure and asked that the recipient call the supplied number to verify the account and user’s identity. When customers called the number they were greeted with an automated voice system requesting that they enter their account number and other personal information.

The above paragraphs explain three different groups of risks and vulnerabilities that can affect the security of a VoIP service or network. They also show that any organisation wanting to utilise this technology needs to be strongly aware of the issues surrounding it and have appropriate security policies in place to mitigate these. The above paragraphs also emphasize the fact that organisations that choose a simplified infrastructure for both voice and data could experience disruptions to their data networks if an attack was launched against their more vulnerable VoIP network.

VoIP is a relatively new technology and research regarding its security is very young; in fact it is said to be at the tip of the iceberg. Therefore as additional research is carried out and new vulnerabilities are discovered, it would be important for an organisation to consider separating the data and VoIP networks in order to avoid a potential business and or operational catastrophe.

The following paragraphs will look at Skype, which is the most commonly used VoIP application on the market today.

⁷ http://www.eweek.com/article2/0,1895,1985966,00.asp


Skype

Skype is a proprietary VoIP system developed by Skype Technologies and released in August 2003. It is the software of choice in the UK, being used by 48% of VoIP users. Skype, which recorded a record high of 8 million users online at one time in November 2006, utilises a Peer-to-Peer architecture that relies on a central authentication server to authenticate users and software distributions. In addition to this, both user identities and software distributions are digitally signed by an RSA private key. The resulting RSA public key is embedded into every Skype executable and thus, provides the basis for voice encryption.

Skype does differ considerably from SIP and H.323 in the way that it connects clients that are sitting behind firewalls. In order to initiate a connection, Skype creates a rendezvous point, also known as a super-node, which ensures NAT’ed users can communicate with each other. A super-node is a computer operating on a public IP address that has the ability to proxy connections to the Skype clients behind the more restrictive firewalls. Further to this, the total amount of load placed on a network when a machine becomes a super-node is unknown and it also has the ability to interfere with a business’s applications and services. One publicised example showed that while a user’s machine was acting as a super node, Skype was utilising 100kbps of the company’s bandwidth for both upload and download dataflows.

Super-nodes are not the only concern of the Skype protocol. Security is also a major concern, the key properties being: privacy, authenticity, availability, survivability, resilience, and integrity (of conversation and system).

However, there are a number of other factors that affect the security of Skype. Firstly, the security of Skype depends on the security of the computer and network on which Skype is running. Secondly, because Skype uses a proprietary protocol, the only sources of information regarding any security weaknesses are statements from the company and publicly disclosed vulnerabilities. Thirdly, because Skype is mostly a peer-to-peer system, the overall security can be affected by third parties that are unknown to those in a particular phone conversation. The latter is possible as problems have been identified in Skype’s encryption format, which firstly, allows the execution of man-in-the-middle attacks and secondly, enables the ability for a worm to be hidden in the encryption during transmission¹⁰.

These are not the only concerns that affect the security of Skype. Another issue arises in Skype because it is ‘port-agile’ meaning that if a firewall port is blocked, Skype will seek other open ports to establish a connection. This feature would also allow an attacker, if a vulnerability was exploited, to use the application to gather further information about machines on a network. Therefore, Skype could provide a back door into otherwise secure networks for worms, Trojans, and viruses¹¹.

In addition to the above, it was recently shown that Skype could provide botnet controls that could enable a better way for controlling zombies. What is concerning about this for an organisation is that for any attack (for example a DoS attack) resulting from this technology it may be virtually impossible to identify the perpetrator. This is because Skype uses proprietary technology and encrypted data traffic that cannot be easily monitored.

⁸ http://www.eweek.com/article2/0,1895,1985966,00.asp
⁹ http://www.voipwiki.com/blog/?p=30
¹⁰ http://www.skypejournal.com/blog/archives/2005/11/five_reasons_not_to_block_skype_1.php
¹¹ http://computerworld.co.nz/news.nsf/news/1C31DD62E610104ACC2570B40016C985


This potential concern could be mitigated by a small group of Chinese engineers who have proved that they have reverse engineered Skype. The redesigned software has a different GUI than the traditional Skype application and can be used to discover the IP address and physical location of the Skype user who you are calling¹².

Even though Skype has a number of key features, including privacy, authenticity, availability, survivability, resilience, and integrity, in place to ensure its security, the above paragraphs clearly outline that these are far from foolproof. In addition it has also been identified that Skype’s own functionality used to provide its high quality service can also be used for malicious purposes. Also, the concept of hosting a super-node is far from desirable for any organisation that values its bandwidth. Therefore it is important for an organisation to fully understand the security risks of Skype when choosing to use it as their main VoIP application.

¹² http://www.voipwiki.com/blog/?p=26


Conclusion

VoIP offers a number of benefits to any organisation considering implementing it into its day-to-day operations. At the time of writing, organisations have the choice of two VoIP standards and one proprietary protocol (H.323, SIP, and Skype) that can be utilised for lowering the costs of daily operations and increasing flexibility. However, any organisation that has implemented or is looking to implement VoIP needs to be aware of the security issues surrounding the technology. Phone impersonation, reconnaissance attacks, eavesdropping, SPIT, call hijacking and redirection, and identity theft are only a few of the possible risks and vulnerabilities that a malicious person can mount against an organisation’s VoIP service. Therefore, it is important organisations carry out the appropriate security measures to ensure the confidentiality, integrity, and availability of their VoIP, and in some cases, data networks.




DISCLAIMER INFORMATION

While this publication is accurate to the best of our knowledge, CCIP does not accept any
responsibility for errors or omissions. CCIP will not be liable for any loss or damage howsoever
caused, arising from or in connection with the use of information contained in this publication.

Reference in this publication in any manner to any commercial product, process or service does not
constitute or imply its endorsement or recommendation by CCIP. Views and opinions expressed
herein may not be used for advertising or product endorsement purposes.
CENTRE for CRITICAL INFRASTRUCTURE PROTECTION
www.ccip.govt.nz | ph: +64 4 498-7654 | fax: +64 4 498-7655
PO Box 12-209, Wellington, New Zealand
