#Communications VOIP

Be had in a recent report issued by CompTIA, the Computer Technology Industry Association 50% of small and medium enterprises (SMEs) are offered very little confidence in relation to security of VoIP providers, or for that matter, voice over IP security in general .

It is true that your voice and data, which leaves your telecommunications infrastructure in the same sector is particularly vulnerable to any security threats inherent in an IP network. Viruses, Trojan horses,and worms can wreak havoc on a network and with the voice network is down even for the shortest time is intolerable for most business.

This means that the security come a long way, and most of the attacks on the outskirts of a good network administrator can be set. While attacks on VoIP networks, are not particularly widespread, chances are, if not imminent, and a very real threat to the very sensitive time requirements of voice overIP.

What follows is a collection of some of the threats to security in the face to a voice-over-IP network, as well as some security measures could be taken to prevent such attacks.

SPIT – The new spam for VoIP

Most of those who receive e-mail address is familiar with the term spam. Who among us has not dozens of unwanted e-mails, clogging our inboxes and we get precious time? The laws were made to reduce theClutter in our mailboxes and felons were strong, in some cases, jailed fined.

Spam is basically the distribution of advertising or other unsolicited messages over a network or networks, ending up in the inboxes of everyone with an e-mail address on that network. In the worst case is spam frustrating for the recipient and may also cause network problems with a good majority of the bandwidth that is meant for other things. Because the e-mail applications areconnectionless, and are not sensitive to delays, at the end of the recipient receives the e-mail received, although after a few minutes what would normally be.

Spam over Internet telephony, also known as SPIT, can have consequences far greater than spam. Spitters, that affect the VoIP gateway, the bandwidth available to seriously affect the quality of service and causes a large degradation of voice quality.

The open nature of VoIPPhone makes it easy to spot spitters, are transmitted to transmit audio and e-mail marketing messages. Of closed networks such as Vonage or Skype, or even your company LAN, a little more difficult because the spitter would affect the power to implement the transfer. However, it can be done.

The ability to audio messages to be transmitted on a VoIP network does not in itself necessarily a bad thing. Companies should be able to get out important messagesquickly and in a broader context, could easily communicate with emergency evacuations mandatory, or warn of impending disaster in the event of a disaster.

Spit While it is certainly a technical possibility, so far we have not seen much of it. In 2004, the peer-to-peer VoIP network Skype has infringed, and the users have with news and audio have been flooded. Soon after, Skype had found and closed the gap in the network. Another decision is to go furtherNational Do Not Call list to prevent lawyers to the mailbox bomb

Intercept

Probably one of the worst vulnerabilities of VoIP is the possibility of an outsider to intercept a private conversation. This concept is not new for IP data networks and usually requires a packet analyzer to intercept IP packets and in case of VoIP, to save the data as audio files. Hackers then have the opportunity to learn and user IDPasswords, or worse yet to acquire, knowledge of confidential business information.

If it is true that the interception of traditional telephone lines and mobile networks occurs, for someone who requires tapping into your home phone an almost physical presence outside of your home. In the case of an IP network, a hacker only needs a laptop, some software can be easily found, and knowing how to penetrate the network.

Security analysts have long used encryptionTechniques to protect the confidentiality of the data that is over an IP network, and the same concept for voice packets. The challenge is to encrypt the voice of power and speed in order to protect the confidentiality and not to slow the flow of packets.

However, if someone really wants to hear your call, any type of telecommunications equipment 100%.

Phishing Waters Voice over IP

Another variant of an attack e-mail, phishingdesigned to get you to disclose confidential information such as usernames, passwords, bank accounts, credit cards and social security numbers, and trick. In the case of VoIP, the attack could get you a voice message urging you call a number provided and give the user information. Even if the automated call, sounds easily be deciphered. Depending on the information they receive, hackers can use to access bank accounts or steal identities.

While it is possiblecalled the program a PBX to limit phishers know, as more users become familiar with the intricacies of the Internet, announced that never sensitive information to support automated, either through data or voice transmission.

SIP Registration Hijacking

The Session Initiation Protocol (SIP) is increasingly accepted widely as a method for generating VoIP calls. The process includes a Registrar (in some cases the company PBX itself) that keeps a database with all participants in the network and at the bottom of the card's phone number from an IP address.

Registration hijacking occurs when the packet header of a party by a hacker who will replace the IP address of the intercepted legitimate. The attacks may take the form of fraudulent toll-free calls, denial of service attacks that can represent the device useless for the user, or a simple redirectCommunication>.

Spoofing

Another hack that is also known in the spoofing data networks that attack known as a man in the middle, spoofing requires hacking into a network and sniff packets sent between two parties. Once the IP address or telephone number of the trusted host is found, hackers can use this type of attack to divert calls, modify data, or in case of transfer of cash Caller ID spoofing, a stolen credit cardNumber.

SIP registration hijacking is a form of spoofing. Both parodies, like other hacks, such as interception, can be avoided by using cryptographic methods, the call set-up. Today is the next and mechanism to achieve this goal, to send SIP messages over a Transport Layer Security-encrypted channel. The combination of these two protocols form the acronym SIPS.

There is no doubt that IP networks can be, and are hacked. As a converged networkconsists of data and voice communications, VoIP is vulnerable as any application of these failures, outages, but with a tolerance of no more valid than 5 minutes per year, such interruptions are unacceptable for voice applications.

To date, most of these threats are not wide open, and are here for what might happen in the future will present scene. Industry experts agree that, like Voice over the Internet is becoming more widespread, malicious hackers are connectedto follow.

These and other security threats to VoIP, can be prevented by an attentive staff network by all known precautions typical of an IP network. A VoIP solution is secure out of the box, and must by common sense approaches to including disabled, but not to change the default password does not close unused ports and services, firewalls and VPNs for network communication is limited, and the penetrate hardRecognition.