Summary
H.323 is a popular signaling protocol used in VoIP infrastructures, especially in enterprise networks with existing PBX systems. H.323 includes several subprotocols, such as H.235 and H.225; however, the security model of H.323 and its subprotocols is quite weak. Authentication and registration methods used within H.225 are vulnerable to several attacks, including passive dictionary attacks and replay attacks.
As we have seen, the authentication model used in H.323 allows attackers to retrieve an endpoint's password quite easily. Furthermore, the authorization methods used with H.323 rely on E.164 aliases, which can be spoofed by an attacker. The identity of any H.323 endpoint cannot be trusted because attackers can perform simple attacks ...
Get Hacking VoIP now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.