Voice over IP Security

Book Description


Security best practices derived from deep analysis of the latest VoIP network threats

Patrick Park

VoIP security issues are becoming increasingly serious because voice networks and services cannot be protected from recent intelligent attacks and fraud by traditional systems such as firewalls and NAT alone. After analyzing threats and recent patterns of attacks and fraud, consideration needs to be given to the redesign of secure VoIP architectures with advanced protocols and intelligent products, such as Session Border Controller (SBC). Another type of security issue is how to implement lawful interception within complicated service architectures according to government requirements.

Voice over IP Security focuses on the analysis of current and future threats, the evaluation of security products, the methodologies of protection, and best practices for architecture design and service deployment. This book not only covers technology concepts and issues, but also provides detailed design solutions featuring current products and protocols so that you can deploy a secure VoIP service in the real world with confidence.

Voice over IP Security gives you everything you need to understand the latest security threats and design solutions to protect your VoIP network from fraud and security incidents.

Patrick Park has been working on product design, network architecture design, testing, and consulting for more than 10 years. Currently Patrick works for Cisco® as a VoIP test engineer focusing on security and interoperability testing of rich media collaboration gateways. Before Patrick joined Cisco, he worked for Covad Communications as a VoIP security engineer focusing on the design and deployment of secure network architectures and lawful interception (CALEA). Patrick graduated from the Pusan National University in South Korea, where he majored in computer engineering.

Understand the current and emerging threats to VoIP networks

Learn about the security profiles of VoIP protocols, including SIP, H.323, and MGCP

Evaluate well-known cryptographic algorithms such as DES, 3DES, AES, RSA, digital signature (DSA), and hash function (MD5, SHA, HMAC)

Analyze and simulate threats with negative testing tools

Secure VoIP services with SIP and other supplementary protocols

Eliminate security issues on the VoIP network border by deploying an SBC

Configure enterprise devices, including firewalls, Cisco Unified Communications Manager, Cisco Unified Communications Manager Express, IP phones, and multilayer switches to secure VoIP network traffic

Implement lawful interception into VoIP service environments

This IP communications book is part of the Cisco Press® Networking Technology Series. IP communications titles from Cisco Press help networking professionals understand voice and IP telephony technologies, plan and design converged networks, and implement network solutions for increased productivity.

Category: Networking—IP Communication

Covers: VoIP Security

Table of Contents

  1. Copyright
    1. Dedication
  2. About the Author
  3. Acknowledgments
  4. Icons Used in This Book
  5. Command Syntax Conventions
  6. Introduction
    1. Goals and Methods
    2. Who Should Read This Book
  7. How This Book Is Organized
  8. I. VoIP Security Fundamentals
    1. 1. Working with VoIP
      1. VoIP Benefits
      2. VoIP Disadvantages
      3. Sources of Vulnerability
        1. IP-Based Network Infrastructure
        2. Open or Public Networks
        3. Open VoIP Protocol
        4. Exposed Interface
        5. Real-Time Communications
        6. Mobility
        7. Lack of Security Features and Devices
        8. Voice and Data Integration
      4. Vulnerable Components
      5. Myths Versus Reality
        1. Legacy Versus VoIP Systems
        2. Protecting Networks Using Strict Authentication and Encryption
        3. Protecting Networks Using a Data Security Infrastructure
      6. Summary
      7. End Notes
      8. References
    2. 2. VoIP Threat Taxonomy
      1. Threats Against Availability
        1. Call Flooding
        2. Malformed Messages (Protocol Fuzzing)
        3. Spoofed Messages
          1. Call Teardown
          2. Toll Fraud
        4. Call Hijacking
          1. Registration Hijacking
          2. Media Session Hijacking
          3. Server Impersonating
        5. QoS Abuse
      2. Threats Against Confidentiality
        1. Eavesdropping Media
        2. Call Pattern Tracking
        3. Data Mining
        4. Reconstruction
      3. Threats Against Integrity
        1. Message Alteration
          1. Call Rerouting
          2. Call Black Holing
        2. Media Alteration
          1. Media Injection
          2. Media Degrading
      4. Threats Against Social Context
        1. Misrepresentation
        2. Call Spam (SPIT)
        3. IM Spam (SPIM)
        4. Presence Spam (SPPP)
        5. Phishing
      5. Summary
      6. End Notes
      7. References
    3. 3. Security Profiles in VoIP Protocols
      1. H.323
        1. Overview
          1. Components
          2. Basic Call Flow
        2. Security Profiles
          1. H.235 Annex D (Baseline Security)
          2. H.235 Annex E (Signature Security)
          3. H.235 Annex F (Hybrid Security)
      2. SIP
        1. Overview
          1. Components
          2. Basic Call Flow
          3. Session Setup Example
        2. Security Profiles
          1. Digest Authentication
          2. Identity Authentication
          3. Secure/Multipurpose Internet Mail Extensions (S/MIME)
          4. Secure RTP
          5. TLS
          6. IPSec
      3. MGCP
        1. Overview
          1. Basic Call Flow
        2. Security Profiles
      4. Summary
      5. End Notes
      6. References
    4. 4. Cryptography
      1. Symmetric (Private) Key Cryptography
        1. DES
        2. 3DES
        3. AES
          1. SubBytes
          2. ShiftRows
          3. MixColumns
          4. AddRoundKey
      2. Asymmetric (Public) Key Cryptography
        1. RSA
        2. Digital Signature
      3. Hashing
        1. Hash Function (MD5)
        2. SHA
        3. Message Authentication Code
          1. MAC Versus Digital Signature
      4. Key Management
        1. Key Distribution
      5. Summary
      6. End Notes
      7. References
    5. 5. VoIP Network Elements
      1. Security Devices
        1. VoIP-Aware Firewall
        2. NAT
        3. Session Border Controller
        4. Lawful Interception Server
      2. Service Devices
        1. Customer Premise Equipment
        2. Call Processing Servers
          1. PAP Versus CHAP
          2. RADIUS Versus TACACS+
      3. Summary
      4. End Notes
      5. References
  9. II. VoIP Security Best Practices
    1. 6. Analysis and Simulation of Current Threats
      1. Denial of Service
        1. Intentional Flooding
          1. Simulation
          2. Analysis
          3. Mitigation
        2. Unintentional Flooding
          1. Analysis
            1. Global Power Outage and Backup
            2. Wrong Configuration of Devices
            3. Misbehaving Endpoints
          2. Mitigation
      2. Malformed Messages
        1. Simulation
        2. Analysis
        3. Mitigation
      3. Sniffing/Eavesdropping
        1. Simulation
        2. Analysis
        3. Mitigation
      4. Spoofing/Identity Theft
        1. Simulation
          1. Prespoofing Scan
          2. Identity Theft
        2. Analysis
        3. Mitigation
      5. VoIP Spam
        1. Voice Spam
        2. IM Spam
        3. Presence Spam
        4. Mitigation
          1. Content Filtering
          2. Turing Test
          3. Reputation System
          4. Address Obfuscation
          5. Limited-Use Address
          6. Consent-Based Black/White List
      6. Summary
      7. End Notes
      8. References
    2. 7. Protection with VoIP Protocol
      1. Authentication
        1. User-to-Proxy Authentication
        2. User-to-User Authentication
      2. Encryption
        1. Message Encryption (S/MIME)
          1. S/MIME Certificates
          2. S/MIME Key Exchange
          3. Formatting S/MIME Bodies
        2. Media Encryption
          1. Key Derivation
          2. SRTP Packet Processing
          3. SRTP Test
      3. Transport and Network Layer Security
        1. Transport Layer Security
        2. IPSec (Tunneling)
      4. Threat Model and Prevention
        1. Registration Hijacking
        2. Impersonating a Server
        3. Tearing Down Sessions
        4. Denial-of-Service and Amplification
      5. Limitations
        1. Digest Authentication Limitations
        2. S/MIME Limitations
        3. TLS Limitations
        4. SIPS URI Limitations
      6. Summary
      7. End Notes
      8. References
    3. 8. Protection with Session Border Controller
      1. Border Issues
        1. Between Access and Core Networks
        2. Between Core and Peer Networks
      2. Access and Peer SBCs
      3. SBC Functionality
        1. Network Topology Hiding
          1. Example of Topology Hiding
        2. DoS Protection
          1. Policy-Driven Access Control
          2. Hardware Architecture
        3. Overload Prevention
          1. Registration Timer Control
          2. Ping Control
          3. Load Balancing
        4. NAT Traversal
        5. Lawful Interception
        6. Other Functions
          1. Protocol Conversion
          2. Transcoding
          3. Number Translation
          4. QoS Marking
      4. Service Architecture Design
        1. High Availability
          1. Active-Standby
          2. Active-Active
        2. Network Connectivity
        3. Service Policy Analysis
        4. Virtualization
        5. Optimization of Traffic Flow
          1. Deployment Location
          2. Media Control
      5. Summary
      6. End Notes
      7. References
    4. 9. Protection with Enterprise Network Devices
      1. Firewall
        1. ASA and PIX Firewalls
          1. Routed Mode
          2. Transparent Mode
          3. TLS Proxy Feature
          4. Configuration Example
        2. FWSM Firewall
          1. Routed Mode
          2. Transparent Mode
          3. Configuration Example
        3. Limitations
      2. Unified Communications Manager Express
        1. Access Control
        2. Phone Registration Control
        3. Secure GUI Management
        4. Class of Restriction
        5. After-Hours Call Blocking
      3. Unified Communications Manager
        1. Security Features and Certificates
        2. Integrity and Authentication
          1. Image Authentication
          2. Device Authentication
          3. File Authentication
          4. Signaling Authentication
          5. Digest Authentication
          6. Authorization
        3. Encryption
          1. Signaling Encryption
          2. Media Encryption
          3. Configuration File Encryption
        4. Configuration Guideline
      4. Access Devices
        1. IP Phone
        2. Switch
          1. Mitigate MAC CAM Flooding
          2. Prevent Port Access
          3. Prevent Network Extensions
          4. Prevent Fraudulent DHCP Server
          5. Mitigate DHCP DoS Attacks
          6. Limit ARP Responses
        3. VLAN ACL
        4. Deployment Example
      5. Summary
      6. End Notes
      7. References
  10. III. Lawful Interception (CALEA)
    1. 10. Lawful Interception Fundamentals
      1. Definition and Background
      2. Requirements from Law Enforcement Agents
      3. Reference Model from an Architectural Perspective
        1. AF (Access Function)
        2. DF (Delivery Function)
        3. CF (Collection Function)
        4. SPAF (Service Provider Administration Function)
        5. LEAF (Law Enforcement Administration Function)
      4. Request and Response Interfaces
      5. Operational Considerations
        1. Detection by the Target Subscriber
        2. Address Information for Call Content Interception
        3. Content Encryption
        4. Unauthorized Creation and Detection
        5. Call Forwarding or Transfer
        6. Capacity
      6. Summary
      7. End Notes
    2. 11. Lawful Interception Implementation
      1. Intercept Request Interface
        1. SIP P-DCS Header
          1. Intercept Process Flow for Outbound Call
          2. Intercept Process Flow for Inbound Call
        2. Cisco SII
          1. Device Interfaces
          2. Intercept Process Flow for Standard Call
          3. Intercept Process Flow for Forwarding Call
          4. Intercept Process Flow for Conference Call
          5. Predesign Considerations
          6. Security Considerations
          7. Configuration Example
            1. Aggregation Router
            2. Cisco BTS 10200
            3. Cisco PGW 2200
      2. Call Data and Content Connection Interfaces
        1. Call Content Connection Interface
        2. Call Data Connection Interface
          1. CDC Messages
            1. CDC Message Example for Basic Call
            2. CDC Message Example for Call Redirection
            3. CDC Message Example for Call Transfer
      3. Interface Between MD and LEA
      4. Summary
      5. End Notes
      6. References