Himanshu Dwivedi - Hacking VoIP: Protocols, Attacks, and Countermeasures
Here you can read online Himanshu Dwivedi - Hacking VoIP: Protocols, Attacks, and Countermeasures full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2008, publisher: No Starch Press, genre: Computer. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:
Romance novel
Science fiction
Adventure
Detective
Science
History
Home and family
Prose
Art
Politics
Computer
Non-fiction
Religion
Business
Children
Humor
Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.
- Book:Hacking VoIP: Protocols, Attacks, and Countermeasures
- Author:
- Publisher:No Starch Press
- Genre:
- Year:2008
- Rating:3 / 5
- Favourites:Add to favourites
- Your mark:
Hacking VoIP: Protocols, Attacks, and Countermeasures: summary, description and annotation
We offer to read an annotation, description, summary or preface (depends on what the author of the book "Hacking VoIP: Protocols, Attacks, and Countermeasures" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.
Voice over Internet Protocol (VoIP) networks have freed users from the tyranny of big telecom, allowing people to make phone calls over the Internet at very low or no cost. But while VoIP is easy and cheap, its notoriously lacking in security. With minimal effort, hackers can eavesdrop on conversations, disrupt phone calls, change caller IDs, insert unwanted audio into existing phone calls, and access sensitive information.
Hacking VoIP takes a dual approach to VoIP security, explaining its many security holes to hackers and administrators. If youre serious about security, and you either use or administer VoIP, you should know where VoIPs biggest weaknesses lie and how to shore up your security. And if your intellectual curiosity is leading you to explore the boundaries of VoIP, Hacking VoIP is your map and guidebook.
Hacking VoIP will introduce you to every aspect of VoIP security, both in home and enterprise implementations. Youll learn about popular security assessment tools, the inherent vulnerabilities of common hardware and software packages, and how to:
- Identify and defend against VoIP security attacks such as eavesdropping, audio injection, caller ID spoofing, and VoIP phishing
- Audit VoIP network security
- Assess the security of enterprise-level VoIP networks such as Cisco, Avaya, and Asterisk, and home VoIP solutions like Yahoo! and Vonage
- Use common VoIP protocols like H.323, SIP, and RTP as well as unique protocols like IAX
- Identify the many vulnerabilities in any VoIP network
Whether youre setting up and defending your VoIP network against attacks or just having sick fun testing the limits of VoIP networks, Hacking VoIP is your go-to source for every aspect of VoIP security and defense.
Himanshu Dwivedi: author's other books
Who wrote Hacking VoIP: Protocols, Attacks, and Countermeasures? Find out the surname, the name of the author of the book and a list of all author's works by series.
Hacking VoIP: Protocols, Attacks, and Countermeasures — read online for free the complete book (whole text) full work
Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Hacking VoIP: Protocols, Attacks, and Countermeasures" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.
Font size:
Interval:
Bookmark:
Copyright 2010
For information on book distributors or translations, please contact No Starch Press, Inc. directly:
No Starch Press, Inc.
555 De Haro Street, Suite 250, San Francisco, CA 94107
phone: 415.863.9900; fax: 415.863.9950;
Library of Congress Cataloging-in-Publication Data:
Dwivedi, Himanshu. Hacking VoIP : protocols, attacks, and countermeasures / Himanshu Dwivedi. p. cm. Includes index. ISBN-13: 978-1-59327-163-3 ISBN-10: 1-59327-163-8 1. Internet telephony--Security measures. 2. Computer networks--Security measures. I. Title. TK5105.8865.P37 2009 004.69'5--dc22 2008038559No Starch Press and the No Starch Press logo are registered trademarks of No Starch Press, Inc. Other product and company names mentioned herein may be the trademarks of their respective owners. Rather than use a trademark symbol with every occurrence of a trademarked name, we are using the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark.
The information in this book is distributed on an "As Is" basis, without warranty. While every precaution has been taken in the preparation of this work, neither the author nor No Starch Press, Inc. shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in it.
This book is FOR MY DAD, quite simply the best human being I have ever met.
This book is dedicated to my family, specifically:
My daughter, Sonia Raina Dwivedi, for her smiles, laughs, persistence, flexibility, inflexibility, vocabulary, and the ability to make everybody around her happy.
My son, whose presence brings more happiness to everyone around him.
My wife, Kusum Pandey, who simply makes it all worthwhile and then some!
I'd like to acknowledge and thank Adam Wright, whose support throughout the writing of this book was well above the typical call of duty. Thanks, Adam, for helping me out during the non-peak times. Special thanks to Zane Lackey for two thingshis work on the IAX Security chapter as well as his technical review of the entire book. Thank you, Zane, for being a very dependable and highly skilled individual.
Hacking VoIP is a security book written primarily for VoIP administrators. The book will focus on administrators of enterprise networks that have deployed VoIP and administrators who are thinking about implementing VoIP on their network. The book assumes readers are familiar with the basics of VoIP, such as signaling and media protocols, and will dive straight into the security exposures of each of them (there is little info on how VoIP works, but rather the security concerns related to it). The book primarily focuses on enterprise issues, such as H.323, and devotes less attention to issues with small or PC-based VoIP deployments. The primary goal of this book is to show administrators the security exposures of VoIP and ways to mitigate those exposures.
This book will focus on the security aspects of VoIP networks, devices, and protocols. After a general overview in , "Signaling and Media: IAX Security," will cover IAX; while it is not necessarily as common as SIP, H.323, or RTP, IAX is becoming more widespread because of its use by Asterisk, the very popular open source IP PBX software. Additionally, unlike other VoIP protocols, IAX can handle both session setup and media transfer within itself on a single port, making it attractive for many newcomers to the VoIP market.
The second section of the book, "VoIP Security Threats," focuses on three different areas that are affected by weak VoIP protocols. The first chapter of this section, , "Home VoIP Solutions," discusses the security issues in home VoIP solutions, such as Vonage, or simply soft phones available from Microsoft, eBay, Google, and Yahoo!.
The final section of the book, "Assess and Secure VoIP," shows how to secure VoIP networks. , "Securing VoIP," shows how to protect against many of the attacks discussed in the first two sections of the book. While it's not possible to secure against all attacks, this chapter does show how to mitigate them.
For an attack on VoIP to be possible, only one side of the conversation needs to be using VoIP. The other side can be any landline, mobile phone, or another VoIP line .
The solutions discuss the need for stronger authentication, encryption solutions, and new technology to protect VoIP soft clients. Finally, , "Auditing VoIP for Security Best Practices," introduces an audit program for VoIP. VoIP Security Audit Program (VSAP) provides a long list of topics, questions, and satisfactory/unsatisfactory scores for the end user. The program's goal is to allow VoIP administrators and security experts to evaluate VoIP deployments in terms of security.
In addition to in-depth discussions about VoIP security issues, the book also covers many free security tools currently available on the Internet. These tools can help supplement the learning process by allowing readers to test their own VoIP networks and identify any security holes and/or weaknesses.
And in addition to the security testing tools, step-by-step testing procedures have been supplied after every major section in each chapter. For example, in order to fully understand a security threat, practical application of the issue is often very important. This book provides step-by-step procedures and links to the most current information. This approach should ensure that readers have everything they need to understand what is being presented and why.
Each chapter has a common structure, which is to introduce a VoIP topic, discuss the security aspects of the topic, discuss the tools that can be used with the topic and any step-by-step procedures to fully explain or demonstrate the topic/tool, and then explain the mitigation procedures to protect the VoIP network.
Additionally, various character styles throughout the book have significance for the reader. Filenames and filepaths will appear in italics , and elements from the user interface that the reader is instructed to click or choose will appear in bold . Excerpts from code will appear in a monospace font, and input that the reader is instructed to type into the user interface will appear in bold monospace. Placeholders and variables in code will appear in monospace italic, and placeholders that the reader needs to fill in will appear in monospace bold italic.
Security vulnerabilities often get lost in discussions, white papers, or books without practical examples. The ability to read about a security issue and then perform a quick example significantly adds to the education process. Thus, this book provides step-by-step testing procedures and demonstrations for many of the security issues covered. In order to perform adequate VoIP testing described in the chapters, a non-production lab environment should be created. This section discusses the specific lab environment that was used for most of the attacks discussed in this book, as well as configuration files to set up the devices and software. It should be noted that readers are not expected to license expensive software from Cisco and Avaya; thus, only free or evaluation software has been used in all labs. However, all attacks shown in the book apply to both open source and commercial software/devices (Cisco/Avaya) depending on the VoIP protocols that are supported. For example, the security vulnerabilities and attacks against SIP will apply consistently to any device, commercial or free, that supports it.
Font size:
Interval:
Bookmark:
Similar books «Hacking VoIP: Protocols, Attacks, and Countermeasures»
Look at similar books to Hacking VoIP: Protocols, Attacks, and Countermeasures. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.
Discussion, reviews of the book Hacking VoIP: Protocols, Attacks, and Countermeasures and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.