
VoIP Security FUD

Irwin Lazar

I'm continually amazed by the amount of FUD being spread with regard to VoIP security threats. People...the sky is not falling. VoIP isn't e-mail. It isn't implemented like e-mail, it won't be implemented like e-mail (maybe "it shouldn't be implemented like e-mail" is a more appropriate statement). Following best security practices will ensure at least a level of security equivalent to current TDM systems.

Best FUD I've heard this week: VoIP is insecure because you can simply put a bridge on an Ethernet line and capture a stream. Hey, has anyone ever heard of alligator clips?

Heck, we could use a Thunderbird protocol analyzer ten years ago to listen to calls on our channelized T1s at a previous job site. And we could do this in a central location because all calls out of our HQ site went through a single set of cables. VoIP is much more difficult to tap: calls, or even individual packets within a single call, can take multiple routes through a network. Tapping a user's Ethernet port requires the ability to log in to their local switch and span their port, something that requires an account on the switch, and something that ought to be logged (there is that 'best practice' thing again).

While the "place the hub" in-line attack could work, it won't work in environments where the switch is providing line power to the phone (unless you have a line-powered hub), and it won't work in implementations that use 802.1X to authenticate devices placed on the network. Finally, if you are really concerned about wire-tapping, turn on the encryption capabilities that many VoIP vendors currently support. (In this case, VoIP offers superior security to TDM: how many TDM systems support end-to-end encryption?)

Yes, there are security threats to VoIP, just as there are to any application, or even legacy TDM systems (toll fraud, anyone?). But let's not scare people into thinking that implementing VoIP means that they will fall victim to a non-stop flood of SPAM, SPIT, DoS, phishing, and a litany of other attacks.

Also read "Is VoIP Ripe for Attack?", a related NewsFactor Network article on VoIP security where Irwin Lazar, author of this post, is quoted.

By Irwin Lazar, Analyst. Visit the blog maintained by Irwin Lazar here.

Related topics: Regional Registries, Security, Spam, Telecom, VoIP
