VoIP eavesdropping: reinforces network security to prevent VoIP risks

Every organization that is considering deploying a VoIP Phone System has heard the same terrible warning: "routing voice calls over the data network will expose the call content to eavesdroppers ".
 
Although in fact, any phone call is at risk of being eavesdropped to some extent, is the VoIP call system itself at a high risk? In this article, we will explore the ins and outs of VoIP eavesdropping.
 
VoIP eavesdropping is possible
 
First, it is very important to clarify that listening to VoIP calls is absolutely possible. It is also possible to intercept telephone calls using the traditional PSTN (public switched telephone network. The difference between the two lies only in the tools and skill sets required for eavesdropping.
 
In a traditional telephone network, if someone is seeking to snoop a call, it is usually at least physically or physically accessible to the phone or telephone cable during the attack initiation phase. This type of attacks is typical in movies. Whether a good person or a bad person carries out the eavesdropping, someone can either access the phone or the telephone network interface box, which is sometimes located outside the house or office, then, a listening device is placed on the box to continuously monitor the telephone call content.
 
Possible VoIP eavesdropping usually follows the same process, but different tools are used. The first requirement is to be able to access the media that carries voice calls. This may be achieved by intruding into a VoIP Phone, a workstation running a softphone device, or a VoIP network infrastructure component, such as a network switch or cable. Next, attackers must use software tools to capture network traffic. Similar to eavesdropping devices in traditional eavesdropping attacks, network sniffing tools such as Wireshark can capture all data packets passing through the network and analyze them online or offline after being written to a file.
 
Finally, attackers need to understand the meaning of the captured data. This requires a translation tool that can convert data packets into voice calls. Similarly, there are free tools available online, such as VOMIT and VoIPong, which can help complete this task.
 
Switch security is critical
 
To reduce VoIP risks such as eavesdropping, one of the most important tasks that a network administrator can do is to deploy Basic Security Control for network switches. Although terminal security is very important, network switches are the place where traffic is aggregated. A wide range of eavesdropping attacks may be caused by malicious use of the span port of the switch. Compared with the voice traffic from a single terminal, this port can mirror all traffic through the switch.
 
The following are some best practices for vswitch management to help protect important components in this network infrastructure:
 
• It is important to ensure that the switch is physically secure in the locked room and has proper access control. If an attacker can access a vswitch physically, All the disks are lost.
• The organization should use a separate network for managing switches and other critical infrastructure devices. For an attacker, he should not be able to access the network for the general purpose to try to obtain access to the Management port of the network device.
• The organization must update the switch firmware as often as possible to patch known vulnerabilities corrected by the vendor.
 
Of course, there are more things to do than these basic suggestions to ensure the security of switch management. For more information, please read our article on vswitch security.
 
Encryption technology greatly reduces VoIP risks
 
Encryption technology is also a powerful weapon in the VoIP Security arsenal. All major VoIP providers now provide encryption capabilities. This method uses cryptographic technologies to confuse communication between terminals. Even if you try to use a network sniffer to intercept voice communication, but there is no corresponding decryption key, the eavesdroppers cannot decrypt all encrypted call content.
 
Before deploying the VoIP encryption technology, make sure to study the impact of applying the technology on your network on the quality of service provided by the network. Encryption requires a large amount of computing power. If it is not correctly implemented by the vendor, it may reduce the call speech quality on the network. That is to say, encryption technology is the technology that enterprises should consider to deploy, especially for lines that may carry high-sensitivity information.
 
If the organization decides to use encryption technology as a security measure on the network, it cannot ignore the need to use reasonable encryption key management practices. If the hacker can access the company's encryption key, he can easily decrypt the voice traffic. For more information on this topic, read the article "secure VoIP network: Key Management Mechanism".
 
Conclusion
 
In my opinion, correctly protected VoIP environments do not pose more risks than traditional telephone systems. By combining strong network security with the correctly deployed encryption technology, you can safely make full use of the VoIP technology in your organization.
 
Original Chinese TechTarget content