Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Security & VOIP

Posted on 2003-11-30
4
Medium Priority
?
564 Views
Last Modified: 2010-04-11
Have to give a presentation on some of the choices for VOIP protocols that we may begin to use. I was wondering what your thoughts were concerning VOIP protocol security issues. I need some specifics however and it would help if you were actually working in the VOIP area and understand how VOIP works. Need this on the quick.
0
Comment
Question by:netmando
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 18

Expert Comment

by:chicagoan
ID: 9845927
0
 
LVL 9

Accepted Solution

by:
TooKoolKris earned 1200 total points
ID: 9846010
Well we are currently trying to come up with a VOIP solution ourselves for terminating multiple concurrent connections and then routing them into other LANs. Security for what we are doing is of some concern but not a lot due to the fact that we work with public data anyway. However I did do a little research in the area previously and from what I remember you really only have about 3 protocols to consider. H.323, SIP and MGCP. I would imagine you are either using H.323 or SIP as they are more popular. I would recommend H.323 to you if are more concerned with security, as it is the more comprehensive protocol. I’m pretty sure that H.323 can support authentication via IPSEC as well as provide for encryption. IMO you need to have a good level of encryption with your VOIP traffic because it’s protocols are easy to distinguish and therefore easily sniffed out by interceptors who can then reassemble the packets and sort of “tap the line” so to speak. Here are some links to some decent papers on the subject.

SANS Reading Room
 http://www.sans.org/rr/catindex.php?cat_id=64

Managing VOIP Solutions
http://www.concord.com/forms/createform.asp?formnum=508

Good VOIP Web Site
http://www.voiptimes.com/index.html

Have Fun
0
 

Author Comment

by:netmando
ID: 9846159
Thanks TooKool, this is what I was looking for, good links and thanks for the quick reply.
0
 
LVL 9

Expert Comment

by:TooKoolKris
ID: 9846730
You're welcome
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
How does someone stay on the right and legal side of the hacking world?
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question