VoIP protocol security-can't ignore the pain

Currently, VoIP faces security issues of four main: blocking service (DoS) attacks, illegal access, charges fraud or eavesdropping threats. VoIP protocol security is not negligible pain. Information security experts will warn you that if you do not deploy VoIP properly, Internet telephony will be attacked by hackers and malicious code. VoIP can disrupt the security of the network, especially for corporate networks, because companies are eager to deploy this technology and ignore security. Careful analysis can be seen, VoIP first to face the security problem is the lowest level of harm. Its own hardware and software facilities. Because most VoIP devices are currently based on standard operating systems and transport protocols are open technologies, there is a high likelihood of attack by attackers. And in most cases, VoIP facilities need to provide remote management capabilities, and the services and software they rely on may also have security vulnerabilities. A specific look at VoIP transmission protocol. VoIP-related network technology protocols are many, common to control real-time data flow applications in the IP network transmission of RTP (real-time transmission protocol) and RTCP (real-time Transmission Control Protocol), there is guaranteed QoS quality services for the network RSVP (Resource Reservation protocol) and IP different service, etc. , there are a series of protocols such as G.711, g.728, g.723, g.729, etc. But the current VoIP technology most commonly used voice establishment and control signaling is H.323 and SIP (Session Initiation Protocol). SIP protocol is an important part of the IETF definition multimedia data and control architecture. At the same time, sip can be used in a number of areas because it is only responsible for providing session connectivity and conversation management, but not for applications. Today, SIP IP telephony, group video conferencing systems, audio conferencing media servers dedicated to service providers, and video conferencing multi-point control units that are compatible with H.323 and SIP are now available on the market. At present, SIP is bringing the most extensive interconnection to the conference market. However, even the protocol itself has a potential security problem: H.323 and sip are generally an open protocol system. In a series of call process, the equipment manufacturers have independent components to carry. Some of these products are based on Windows NT operating systems and Linux. And the more open the operating system, its product application process is more vulnerable to viruses and malicious attacks. These applications are installed in the equipment at the factory, can not guarantee the latest version or promise has made up some security vulnerabilities. At the same time, the most new development technology of the transport protocol, SIP is not perfect, it uses similar to FTP, e-mail or HTTP server form to initiate the connection between users. With this connection technology, hackers also attack VoIP. Two years ago, the state calculatedThe computer network Emergency Technology Processing Coordination Center (CERT) has reported a flaw in the SIP protocol stack. With this flaw, attackers will have access to illegal access privileges, launch Dos attacks, and cause system instability. Obviously, this flaw is related to the "invitation" letter sent by the SIP device to initialize VoIP calls, text chats, or video. In principle, exploiting vulnerabilities can initiate various types of attacks. For example, once the gateway has been hacked, IP phones can be dialed without authentication, without the protection of voice calls may be intercepted and eavesdropping, and can be truncated at any time. Hackers use redirect attacks to replace voice mail addresses with specific IP addresses of their own designation, opening secret channels and backdoor doors for themselves. The most typical is that hackers can cheat the SIP and IP address restrictions and steal the entire conversation process. Therefore, imperfect agreements can lead to serious consequences: if someone uses a SIP flaw to impersonate your agent and he can easily access your information (including, of course, the bank card number and password), your hard-earned savings will be ransacked when the phone hangs up. In addition, a hacker can easily submit excessive fake service requests in your SIP server so that the server cannot answer or listen to the phone, resulting in a denial of service. The problem with the agreement goes far beyond that. Intercepting SIP protocols on the network makes it easy to get RTP ports and routes, and then easily eavesdrop on specific patterns. Through the mixed mode of the network card, hackers can easily achieve the interception of all POP3 in the local Area network protocol. Including passwords, are easy to intercept. In addition, the implementation of VoIP relies on the TCP/IP protocol stack running, so the TCP/IP protocol faces all the security problems we can not avoid. Some common and troublesome virus problems are also destined to be a nuisance to the VoIP application environment. As a result, VoIP devices themselves should pay more attention to common information security principles than ordinary computer devices, such as providing only the necessary services, shutting down and shielding unwanted ports, and stopping the use of unnecessary protocols. There is no need to enable unnecessary and unused protocols and services to avoid providing more opportunities for hackers. Ignoring these principles would pose a very serious security hazard. The reason is obvious: if the VoIP infrastructure is not effectively protected, it can be easily attacked and the stored conversation will be tapped. Compared with traditional telephony devices, the network ━━ routers, servers, and even switches that transmit VoIP are more vulnerable to attack. While the traditional telephone uses the PBX, it is stable and safe. The era of traditional telephone monopoly is about to pass, and the era of VoIP is coming. This forces VoIP service providers to re-examine their technology focus. Thankfully, some of the current transport protocols are becoming more sophisticated, and companies are beginning to realize the importance of protocol security. (Responsibilityren Editor: ZHAOHB (0 Votes) Tempted (0 Votes) nonsense (0 Votes) Professional (0 Votes) The title of the party (0 Votes) passed (0 Votes) Text: VoIP protocol security-The pain can not be ignored back to network security home