10000274-Session1.4IPTelephonySecurityOverview

8/17/2019 10000274-Session1.4IPTelephonySecurityOverview

http://slidepdf.com/reader/full/10000274-session14iptelephonysecurityoverview 1/16

ession 1.4

IP Telephony Security

Overview

At the end of this session, you will be able to

•

Understand traditional PBX security• Describe Phreaking and how it is relevant

today

• Describe IP telephony security and how itdiffers

• Understand the different types of securitythreats



Traditional PBX Security

•

Traditional Telephony Proprietary hardware and software

!ot generally connected to the data network or the

Internet

Protected the voice syste" fro" the traditionalsecurity issues endured by data syste"s

Traditional PBXs were i""une to viruses, data

outages and bandwidth restrictions

#$ and ad"inistration was done bytrained%certified personnel only

&ini"al access to #$ 'du"b ter"inal or P(

e"ulator progra"s)

$ession *+ IP Tele hon $ecurit #verview



Traditional PBX Security Issues

• !on-Technical $upport Typically the decision-"aker had a non-telephony

background

Usually the re.uire"ents of the location were"ini"al, so phone syste" "anufacturer was the

flavor of the day+ /ith nu"erous phone syste"s to support, usually no

one individual or s"all group could "anage all thephone syste"s

(reated dependency on integrators to provide

support+ 0educed ability to apply standards

1ack of security standards and adherence

Dependent upon skill set and desire of integrator




Leaky PBX

• $ecurity proble" that allows the ability to

place call into PBX and shutdown P$T!

access or2

• 34ternal users break into a phone syste"

and "ake calls for free which is referred toas toll fraud Toll fraud could go unnoticed for long periods of ti"e

because invoices are not always reviewed closely (o"panies could lose tens of thousands of dollars

before the proble" was resolved




Phreaking

•

Ter" used to describe 5hacking6 oftelephones, telephone co"panies and PBX

syste"s connected to the P$T! Phreak (o"bination of phone and freak

Also could be short for fre.uency

• 7istory 3arliest recorded abuse started in the *89:s

&odern day 5phreaking6 started in *8;:s

3arly phreaks developed an understanding of how the

phone syste" worked by trial and error

Phreakers are still active today but "ost people find

hacking of data syste"s on the Internet "ore interesting




Captain Crunch Whistle

• <ree whistle in cereal created a 9=::7> tone• Used to hack PBX syste"s by calling into a PBX

and blowing the whistle into the phone receiver

•

This allowed control of older phone syste"s thatworked on $ingle <re.uency controls

• Another long whistle reset the line

• It is then possible to dial a phone nu"ber with

groups of whistles 'a short one for a ?*?, twoshort ones for a ?9?, etc+) and "ake outbound

phone calls





• (o"panies are now i"ple"enting IPtelephony syste"s and services that

connect to their data networks

• IP telephony "ust be part of the ITinfrastructure and "anaged as such

• IP telephony "ust be "anaged and

secured like any other application on thenetwork

• 7ow is this acco"plished@





• Initially hackers had little interest in attackingIP telephony syste"s

• /ith broader acceptance new security threats

have arisen

• $a"e attacks used against the data

environ"ent can i"pact IP telephony iruses

/or"s Troan horses

• If the data network is co"pro"ised a co"pany

can lose both voice and data co""unications




Types of IP Telephony Threats

• Unauthori>ed access Unauthori>ed connection to the data network used for

"alicious purposes

•

Address spoofing IP address spoofing is the action of generating IP

packets with a fake source IP address in order to

i"personate other syste"s or to protect the identity of

the sender

• Packet capture The act of capturing IP packets on the data network to

illegally gain access to infor"ation 'voice calls)





•

Toll fraud To gain access of a IP phone syste" for the sole

purpose of "aking illegal phone calls to the P$T!

• Denial of $ervice

A concerted "alevolent effort by a person or personsto prevent a service fro" functioning efficiently either

te"porarily or indefinitely

• #$ Application irus and Troan 7orse IP telephony #$ or applications are susceptible to

attack by a virus or Troan 7orse like any other

co"puter on the network





•

(aller Identify $poofing (aller ID spoofing is when a caller pretends to be

so"eone else by falsifying the nu"ber or na"e

that appears on the recipientCs caller ID display

• 0epudiation A repudiation attack happens when an application

or syste" does not adopt controls to properly track

and log users action

This per"itting "alicious "anipulation or forgingthe identification of new actions+




acker !ccess to IP Telephony• Physical network access

Unsecured access to the data network to disruptservice

Access to data closets and network e.uip"ent

Access to network device #$

• #pen T(P%IP ports IP ports that are not secured and can be

attacked using different progra"s that have the

potential to cause syste" disruption

(an be attacked internally or fro" the Internet




acker !ccess to IP Telephony• /eak #$ and syste" passwords

/eak security allows hackers direct access to#$ and IP telephony applications

(o"panies have lack of password policies

/hen people leave the co"pany userna"es

and passwords on network and IP telephonysyste"s are not changed

• #pen or inade.uate security on the

wireless network /ireless allows access fro" outside of building

/eak or no security policies in place

Think of it as having (AT; data network ports

located in the parking lot$ession *+ IP Tele hon $ecurit #verview

IP T l h S it




Su""ary

• IP Telephony $ecurity Advantages <ewer syste"s to support

reater prevention of Toll <raud

reater standardi>ation

0educed endor &anage"ent

I"proved $yste" 0edundancy

0eduction of business risk

•IP Telephony $ecurity Disadvantages $erver based technology

irus ulnerabilities

Intrusion ulnerabilities




ession 1.4 Activity

IP Telephony Packet Capture

#e"onstration and Play$ack

1ab #bectives

• De"onstrate voice packet capturesoftware

• (ollect and asse"ble a voice

conversation• Playback the sa"ple for the class




Session %&' (eview

*+ !a"e three reasons that PBX syste"swere inherently secure+

9+ Describe the "eaning of the ter"Phreaking+

E+ !a"e three typical data networkattacks that can effect an IP telephonynetwork+

+ !a"e three types of IP telephonysecurity threats+;+ !a"e two reasons co"panies have

weak #$ security+

$ession * IP Telephony $ecurity #verview

Documents

10000274-Session1.4IPTelephonySecurityOverview