No Starch Press (October 2008) | ISBN: 1593271638 | PDF + EPUB | 220 pages | 9.2 MB
Voice over Internet Protocol (VoIP) networks have freed users from the tyranny of big telecom, allowing people to make phone calls over the Internet at very low or no cost. But while VoIP is easy and cheap, it’s notoriously lacking in security. With minimal effort, hackers can eavesdrop on conversations, disrupt phone calls, change caller IDs, insert unwanted audio into existing phone calls, and access sensitive information.
Hacking VoIP takes a dual approach to VoIP security, explaining its many security holes to hackers and administrators. If you’re serious about security, and you either use or administer VoIP, you should know where VoIP’s biggest weaknesses lie and how to shore up your security. And if your intellectual curiosity is leading you to explore the boundaries of VoIP, Hacking VoIP is your map and guidebook.
Hacking VoIP will introduce you to every aspect of VoIP security, both in home and enterprise implementations. You’ll learn about popular security assessment tools, the inherent vulnerabilities of common hardware and software packages, and how to:
Identify and defend against VoIP security attacks such as eavesdropping, audio injection, caller ID spoofing, and VoIP phishing
Audit VoIP network security
Assess the security of enterprise-level VoIP networks such as Cisco, Avaya, and Asterisk, and home VoIP solutions like Yahoo! and Vonage
Use common VoIP protocols like H.323, SIP, and RTP as well as unique protocols like IAX
Identify the many vulnerabilities in any VoIP network
Whether you’re setting up and defending your VoIP network against attacks or just having sick fun testing the limits of VoIP networks, Hacking VoIP is your go-to source for every aspect of VoIP security and defense.
Table of Contents
Chapter 1. An Introduction to VoIP Security
Part I: VoIP Protocols
Chapter 2. Signaling: SIP Security
Chapter 3. Signaling: H.323 Security
Chapter 4. Media: RTP Security
Chapter 5. Signaling and Media: IAX Security
Part II: VoIP Security Threats
Chapter 6. Attacking VoIP Infrastructure
Chapter 7. Unconventional VoIP Security Threats
Chapter 8. Home VoIP Solutions
Part III: Assess and Secure VoIP
Chapter 9. Securing VoIP
Chapter 10. Auditing VoIP for Security Best Practices