Beruflich Dokumente
Kultur Dokumente
9/1/12 20:36
http://200ok.info/2012/07/16/voip-security-sipnoc/
Page 1 of 10
9/1/12 20:36
(http://200ok.info/2012/07/16/voip-security-sipnoc/img_5379-version-2/#main) Stealing phone service is not new. AT&T, as the United States first major long-distance service provider, has fought theft of service for ages. But the advent of widespread carrier VoIP over the Internet has created an excellent opportunity to steal service. Attackers need not physically attach to your network to steal your service; they need only connect to your service across the Internet.
9/1/12 20:36
Somalia for 4 days. His carrier has since dropped the bill and absorbed the cost. (http://hosted2.ap.org/APDEFAULT/aa9398e6757a46fa93ed5dea7bd3729e/Article_2012-07-09$1M%20Phone%20Bill/id-c0050db654c9475399853ba88d3330b1) Thats good for the consumer but what if you are the carrier? You may be asked to absorb a $1M phone bill to avoid putting your customer out of business.
http://200ok.info/2012/07/16/voip-security-sipnoc/
Page 3 of 10
9/1/12 20:36
Some carriers reported using the customers history to set the threshold. The more sophisticated systems, like ECGs Fraudstopper (http://www.e-c-group.com/fraudstopper/), do some autolearning to detect the behavioral patterns of use. There was also no single answer on how to handle a new customer. What is the appropriate fraud limit if you have no history or behavioral patterns?
9/1/12 20:36
A classic model appears to be (a) detection of SIP accounts with poor authentication; (b) test calls to verify the service early in the work week; then (c) heavy fraudulent use starting Friday night, when fraud detection is weaker over the weekend.
9/1/12 20:36
authenticate that SIP PBX, you cant detect that the calls are actually not legitimate. Similar cases were reported with Adtran TA900-series IADs. Attackers would login to these devices, reconfigure them to allow SIP calling through the Internet, then route calls from the attacker, via the IAD, to the SIP PBX. We would expect this to be possible on all SIP-to-SIP capable devices, including Cisco IAD2430-series devices, those from Audiocodes, and many more. The key is proper securing of the SIP PBX or IAD to prevent an attacker from gaining control.
9/1/12 20:36
risks and threats. Some participants also mentioned the FBI Infraguard program, but also noted that it seems to be a listen-only forum. That is, many companies join to hear what the FBI has to say, but few want to publicize anything theyre seeing, even among a limited set of participants. VoIPSA (http://voipsa.org/)may be another good forum where public content can be published.
http://200ok.info/2012/07/16/voip-security-sipnoc/
Page 7 of 10
9/1/12 20:36
(http://200ok.info/2012/07/16/voip-security-sipnoc/img_5393/#main) Dan York, of the Internet Society and VoIPSA Perhaps the challenge is convincing everyone that sharing information about the latest threats is actually beneficial. But this is an old debate, extended to the new telephone network. Is it really good for everyone involved if the information about the threats is publicized? Yes, if it is possible to ultimately make a secure and robust system. No, if there are intrinsic weaknesses that will never be fully strengthened. That is, were only as secure as we are secret about the weaknesses.
http://200ok.info/2012/07/16/voip-security-sipnoc/
Page 8 of 10
9/1/12 20:36
Hair Color For Why Stylists Hate Boxed Haircolor Hair Color For Women Women (http://www.haircolorforwomen.com/breakthrough-hair-color-system-your-salonSponsored (http://www.haircolorforwomen.com/breakthrough-hair-color-system-your-salonvideo?utm_source=Taboola&utm_medium=V3&utm_campaign=Taboola&source=taboola) doesnt-want-you-to-know-about-video?
4 Things Your Body Will Do Right Before a Newsmax Heart Attack Newsmax Sponsored (http://www.newsmax.com/Newsfront/heart-attack-signs-crandall/2012/07/10/i 1&Source=Taboola) (http://www.newsmax.com/Newsfront/heart-
What is the relationship between depression and Health Guru FM? Health Guru (http://conditions.healthguru.com/question/what-is-the-relationship-between-dep Sponsored hgref=taboola3&Source=Taboola) (http://conditions.healthguru.com/question/what-
Why Trump Is Dumping The Dollar: It.s MoneyNews .Going To Hell. MoneyNews Sponsored (http://www.moneynews.com/aftershock-2013?PROMO_CODE=FD19-1&utm_sou This entry was posted in voip and tagged security, sipforum, sipnoc, voipsa. Bookmark the permalink.
9/1/12 20:36
ramp up their attacks. Also watch your voicemails ability to be set to pass through calls. They like to fwd calls through a VM portal ability once a compromised SIP acct has been achieved. That way they can trunk their SIP calls through it. If you got an SBC , also configure all the dynamic security you can against registering SIP UAs , especially if they come from the internet. Make sure it kicks them for a long, long time if they get a bad password too like over 12 hours. I once had an Acme I set to kick them for only 4 hours and a hacker (over the period of several days) still managed to keep trying and got a weak password SIP acct that ironically was just installed a couple weeks before and not even in use yet by a customer. Be WARY!! they are out there and looking actively!!
Follow 200 OK
Powered by WordPress.com
http://200ok.info/2012/07/16/voip-security-sipnoc/
Page 10 of 10