Friday, 21 November 2008

VoIP Network: Vulnerabilities and Threats

Sponsored Links
Find high paying job. It's quick! It's Free!!Earn some quick money by spending just 5 minutes!!
As VoIP becomes increasingly popular and preferred mode of communication, it increasingly faces threats. Some of the vulnerabilities include:
  • IP infrastructure: Vulnerabilities on related non-VoIP systems can lead to compromise of VoIP infrastructure.
  • Underlying operating system: VoIP devices inherit the same vulnerabilities as the operating system or firmware they run on. Operating systems are Windows and Linux.
  • Configuration: In their default configuration most VoIP devices ship with a surfeit of open services. The default services running on the open ports may be vulnerable to DoS attacks, buffer overflows, or authentication bypass.
  • Application level: Immature technologies can be attacked to disrupt or manipulate service. Legacy applications (DNS, for example) have known problems.

Denial-of-Service or VoIP Service Disruption

Denial-of-service (DoS) attacks can affect any IP-based network service. The impact of a DoS attack can range from mild service degradation to complete loss of service. There are several classes of DoS attacks. One type of attack in which packets can simply be flooded into or at the target network from multiple external sources is called a distributed denial-of-service (DDoS) attack.

DoS attacks are difficult to defend against, and because VoIP is just another IP network service, it is just as susceptible to DoS attack as any other IP network services. Additionally, DoS attacks are particularly effective against services such as VoIP and other real-time services, because these services are most sensitive to adverse network status. Viruses and worms are included in this category as they often cause DoS or Distributed DoS (DDoS) due to the increased network traffic that they generate as part of their efforts to replicate and propagate.

VoIP systems must meet stringent service availability requirements. Following are some example DoS threats can cause the VoIP service to be partially or entirely unavailable by preventing successful call placement (including emergency/911), disconnecting existing calls, or preventing use of related services like voicemail. Note that this list is not exhaustive but illustrates some attack scenarios.

  • TLS Connection Reset
  • VoIP Packet Replay Attack
  • Data Tunneling (Not exactly an attack…)
  • QoS Modification Attack
  • VoIP Packet Injection
  • DoS against Supplementary Services
  • Control Packet Flood
  • Wireless DoS
  • Bogus Message DoS
  • Invalid Packet DoS
  • Immature Software DoS
  • VoIP Protocol Implementation DoS
  • Packet of Death DoS
  • IP Phone Flood DoS
  • Call interception
  • Eavesdropping

Do not miss even a single tech update... Subscribe to RSS feeds now!

No comments: