LAS VEGAS--If your VoIP phone starts ringing off the hook, it might not denote a surge in your popularity--just that someone is trying one of 13 newly released security tools.
Each of the tools can be used to launch VoIP system attacks, such as overloading phones or VoIP exchanges with ambiguous traffic, flooding phones with calls, forcing hang-ups, rebooting phones, and reassigning the devices to other users or nobody at all, Endler said.
"If you want all the CEO's calls to show up at your desk, that's what you would use," he said. Enterprises look at VoIP systems because of their rich features, promise of lower costs, and use of the same infrastructure as computer networks.
The tools were designed to help administrators determine the vulnerability of their telephony systems, Endler said.
"Obviously, releasing any security tools is a double-edged sword in that you can't restrict who has access," he said.
All of the tools target systems that use the Session Initiation Protocol, or SIP. While SIP is increasingly used in VoIP systems, it isn't widely used yet, Endler said. Instead, products from vendors such as Cisco Systems, Avaya and Nortel Networks all use proprietary protocols.
"The majority of VoIP systems out there are not SIP enabled," Endler said. "Most of them are pushing forward with SIP adoption." Endler and co-presenter Mark Collier of SecureLogix hope their work will help VoIP systems be more secure when SIP makes it into the major leagues, Endler said.
"VoIP security is still in its infancy," he said.
The release of the tools will have little effect on VoIP users today, agreed Dan York, director of IP technology at VoIP vendor Mitel. "But we're all moving to SIP," he said. The new protocol is in demand because industrywide adoption would mean phones from one vendor would work with a VoIP exchange from another, which isn't true today.
York said the tools serve a purpose. "SIP is coming into play and they give us the tools to test the systems and make them more secure," he said.
Everything discussed in this article isn't really that much different from TCP-IP, VPN/IPSec, SSL and/or any other protocol out there.
Ping is a nice tool to check if the other side is up or down. But Ping Bombs which literally flood a network with spoofed Ping requests such that it could (past tense) bring the entire network to it's knees. But we got over that.
The same was true with flooding IPSec gateways with new session authentication requests bringing it to it's knees. But we got over that.
Likewise the oldest TCP SYN Floods and or various other TCP-IP handshaking bombs also tied up a system such that it either hung or went into a thrashing state. But we over came those problems as well.
That said... these new tools and those who decide to use SIP will experience the same until we over come the new problems that these tools will bring forth.
In the mean time, scrutinize your ACL (Access Control Lists) for whom should be allowed and whom should not be allowed to use the SIP protocol. And throttle back the number of concurrent sessions to keep such tools from over-flooding your VoIP network bringing it to it's knees.
SIP is still in it's infancy and thus those who attempt to use it prior to it being proven secure and reliable must take their own preventative measures.
Hopefully, tools like this will show them where the vulnerabilities are in the test labs prior to people putting the systems into production lines.
Web giant is spending $120 million to beef up its Mountain View, Calif., headquarters, according to filings with the city reviewed by the San Jose Mercury News.
The Samsung Galaxy Mini 2 S6500 could make its debut at the Mobile World Congress in Barcelona later this month, according to a leaked promotional image.
MIT creates a simulation to celebrate the 50th anniversary of Spacewar. A relic of the early days of minicomputers, it was one of the first computer video games and set the stage for many others, including Asteroids.
Ping is a nice tool to check if the other side is up or down. But Ping Bombs which literally flood a network with spoofed Ping requests such that it could (past tense) bring the entire network to it's knees. But we got over that.
The same was true with flooding IPSec gateways with new session authentication requests bringing it to it's knees. But we got over that.
Likewise the oldest TCP SYN Floods and or various other TCP-IP handshaking bombs also tied up a system such that it either hung or went into a thrashing state. But we over came those problems as well.
That said... these new tools and those who decide to use SIP will experience the same until we over come the new problems that these tools will bring forth.
In the mean time, scrutinize your ACL (Access Control Lists) for whom should be allowed and whom should not be allowed to use the SIP protocol. And throttle back the number of concurrent sessions to keep such tools from over-flooding your VoIP network bringing it to it's knees.
SIP is still in it's infancy and thus those who attempt to use it prior to it being proven secure and reliable must take their own preventative measures.
Hopefully, tools like this will show them where the vulnerabilities are in the test labs prior to people putting the systems into production lines.
Walt