<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>VoIP Security</title><link rel="stylesheet" href="styles.css" type="text/css" /><meta name="generator" content="DocBook XSL Stylesheets V1.69.1" /><link rel="start" href="index.html" title="Asterisk™: The Future of Telephony" /><link rel="up" href="asterisk-CHP-8.html" title="Chapter 8. Protocols for VoIP" /><link rel="prev" href="asterisk-CHP-8-SECT-6.html" title="Asterisk and VoIP" /><link rel="next" href="asterisk-CHP-8-SECT-7.html" title="Conclusion" /></head><body><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">VoIP Security</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="asterisk-CHP-8-SECT-6.html">Prev</a> </td><th width="60%" align="center">Chapter 8. Protocols for VoIP</th><td width="20%" align="right"> <a accesskey="n" href="asterisk-CHP-8-SECT-7.html">Next</a></td></tr></table><hr /></div><div class="sect1" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="I_sect18_tt1164"></a>VoIP Security</h2></div></div></div><p>In this book we can barely <a id="ch08_voipsecurity" class="indexterm"></a><a id="ch08_security" class="indexterm"></a>scratch the surface of the complex matter of VoIP security;
    therefore before we dig in, we want to steer you in the direction of the
    VoIP Security Alliance (<a href="http://www.voipsa.org" target="_top">http://www.voipsa.org</a>). This fantastic
    resource contains an excellent mailing list, white papers, howtos, and a
    general compendium of all matters relating to VoIP security. Just as email
    has been abused by the selfish and criminal, so too will voice. The fine
    folks at VoIPSA are doing what they can to ensure that we address these
    challenges now, before they become an epidemic. In the realm of books on
    the subject, we recommend the most excellent <em class="citetitle">Hacking Exposed
    VoIP</em> by David Endler and Mark Collier (McGraw-Hill Osborne
    Media). If you are responsible for deploying any VoIP system, you need to
    be aware of this stuff.</p><div class="sect2" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id4142334"></a>Spam over Internet Telephony (SPIT)</h3></div></div></div><p>We don’t <a id="I_indexterm8_tt1165" class="indexterm"></a><a id="I_indexterm8_tt1166" class="indexterm"></a>want to think about this, but we know it’s coming. The
      simple fact is that there are people in this world who lack certain
      social skills, and, coupled with a kind of mindless greed, these folks
      think nothing of flooding the Internet with massive volumes of email.
      These same types of characters will similarly think little of doing the
      same with voice. We already know what it’s like to get flooded with
      telemarketing calls; try to imagine what happens when it costs the
      telemarketer almost nothing to send voice spam. Regulation has not
      stopped email spam, and it will probably not stop voice spam, so it will
      be up to us to prevent it.</p></div><div class="sect2" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id4142376"></a>Encrypting Audio with Secure RTP</h3></div></div></div><p>If you can sniff <a id="I_indexterm8_tt1167" class="indexterm"></a>the packets coming out of an Asterisk system, you can
      extract the audio from the RTP streams. This data can be fed offline to
      a speech processing system, which can listen for keywords such as
      “credit card number” or “PIN”, and present that data to someone who has
      an interest in it. The stream can also be evaluated to see if there are
      DTMF tones embedded in it, which is dangerous because many services ask
      for password and credit card information input via the dialpad. In
      business, strategic information could also be gleaned from being able to
      capture and evaluate audio.</p><p>Using Secure RTP can combat this problem by encrypting the RTP
      streams; however, Asterisk does not support SRTP as of this writing.
      Work is under way to provide SRTP support (a patch exists in the trunk
      release, but it is not known as of this writing whether this will be
      back-ported to 1.4).</p></div><div class="sect2" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id4142411"></a>Spoofing</h3></div></div></div><p>In the traditional telephone network, it is very difficult to
      successfully adopt someone else’s identity. Your activities can (and
      will) be traced back to you, and the authorities will quickly put an end
      to the fun. In the world of IP, it is much easier to remain anonymous.
      As such, it is no stretch to imagine that hordes of enterprising
      criminals will be only too happy to make calls to your credit card
      company or bank, pretending to be you. If a trusted mechanism is not
      discovered to combat spoofing, we will quickly learn that we cannot
      trust VoIP calls.</p></div><div class="sect2" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id4142428"></a>What Can Be Done?</h3></div></div></div><p>The first thing to keep in mind when considering security on a
      VoIP system is that VoIP is based on network protocols, and needs to be
      evaluated from that perspective. This is not to say that traditional
      telecom security should be ignored, but we need to pay attention to the
      underlying network.</p><div class="sect3" lang="en" xml:lang="en"><div class="titlepage"><div><div><h4 class="title"><a id="id4142439"></a>Basic network security</h4></div></div></div><p>One of the most effective things that can be done is to secure
        access to the voice network. Firewalls and VLANs are
        examples of how this can be achieved. By default, the voice network
        should be accessible only to those things that have a need. For
        example, if you do not have any softphones in use, do not allow client
        PCs access to the voice network.</p><div class="sect4" lang="en" xml:lang="en"><div class="titlepage"><div><div><h5 class="title"><a id="id4142451"></a>Segregating voice and data traffic</h5></div></div></div><p>Unless there is a need to have voice and data on the same
          network, there may be some value in keeping them separate (this can
          have other benefits as well, such as simplifying QoS
          configurations). It is not unheard of to build the internal voice
          network on a totally separate LAN, using existing CAT3 cabling and
          terminating on inexpensive network switches. It can be less
          expensive too.</p></div><div class="sect4" lang="en" xml:lang="en"><div class="titlepage"><div><div><h5 class="title"><a id="id4142465"></a>DMZ</h5></div></div></div><p>Placing your VoIP system in a DMZ can provide an additional
          layer of protection for your LAN, while still allowing connectivity
          for relevant applications. Should your VoIP system be compromised,
          it will be much more difficult to use it to launch an attack on the
          rest of your network, since it is not trusted. Regardless of whether
          you deploy within a DMZ, any abnormal traffic coming out of the
          system should be suspect.</p></div><div class="sect4" lang="en" xml:lang="en"><div class="titlepage"><div><div><h5 class="title"><a id="id4142479"></a>Server hardening</h5></div></div></div><p>Hardening your Asterisk server is critical. Not only are there
          performance benefits to doing this (running nonessential processes
          can eat up valuable CPU and RAM), the elimination of anything not
          required will reduce the chance that an exploited vulnerability in
          the operating system can be used to gain access and launch an attack
          on other parts of your network.</p><p>Running Asterisk as non-<span class="emphasis"><em>root</em></span> is an
          essential part of system hardening. See <a href="asterisk-CHP-11.html" title="Chapter 11. The Asterisk GUI Framework">Chapter 11, <i>The Asterisk GUI Framework</i></a> for more information.</p></div></div><div class="sect3" lang="en" xml:lang="en"><div class="titlepage"><div><div><h4 class="title"><a id="id4142507"></a>Encryption</h4></div></div></div><p>Even though Asterisk does not<a id="I_indexterm8_tt1168" class="indexterm"></a> yet fully support SRTP, it is still possible to encrypt
        VoIP traffic. For example, between sites a VPN could be employed.
        Consideration should be given to the performance cost of this, but in
        general this can be a very effective way to secure VoIP traffic and it
        is relatively simple to implement.</p></div><div class="sect3" lang="en" xml:lang="en"><div class="titlepage"><div><div><h4 class="title"><a id="id4142530"></a>Physical security</h4></div></div></div><p>Physical security should not be ignored. All terminating
        equipment (such as switches, routers, and the PBX itself) should be
        secured in an environment that can only be accessed by authorized
        persons. At the user end (such as under desks), it can be more
        difficult to deliver physical security, but if the network responds
        only to devices that it is familiar with (such as restricting DHCP to
        devices whose MAC is known), unauthorized intrusion can be mitigated
        somewhat.<a id="I_indexterm8_tt1169" class="indexterm"></a><a id="I_indexterm8_tt1170" class="indexterm"></a></p></div></div></div><div class="navfooter"><hr /><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="asterisk-CHP-8-SECT-6.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="asterisk-CHP-8.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="asterisk-CHP-8-SECT-7.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Asterisk and VoIP </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Conclusion</td></tr></table></div><div xmlns="" id="svn-footer"><hr /><p>You are reading <em>Asterisk: The Future of Telephony</em> (2nd Edition for Asterisk 1.4), by Jim van Meggelen, Jared Smith, and Leif Madsen.<br />
       This work is licensed under the <a href="http://creativecommons.org/licenses/by-nc-nd/3.0/">Creative Commons Attribution-Noncommercial-No Derivative Works License v3.0</a>.<br />
       To submit comments, corrections, or other contributions to the text, please visit <a href="http://oreilly.com/catalog/9780596510480/">http://www.oreilly.com/</a>.</p></div></body></html>
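The exposure described in the Encrypting Audio with Secure RTP section, as an added example that is not part of the book or of Asterisk: a Python audit that parses RFC 3550 RTP headers from captured datagrams and counts, per stream (SSRC), the DTMF key presses carried as RFC 2833 telephone-event packets in the clear, which is exactly the data SRTP would protect. The telephone-event payload type (101) and the sample datagrams are constructed assumptions rather than anything taken from the book.

```python
import struct
from collections import Counter

TELEPHONE_EVENT_PT = 101  # assumption: RFC 2833 telephone-event negotiated as dynamic PT 101

def parse_rtp(datagram):
    """Parse an RFC 3550 header; returns (marker, payload_type, timestamp, ssrc, payload)."""
    if len(datagram) < 12:
        raise ValueError("too short for an RTP header")
    b0, b1, _seq, ts, ssrc = struct.unpack("!BBHII", datagram[:12])
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    offset = 12 + 4 * (b0 & 0x0F)                        # skip CSRC identifiers
    if b0 & 0x10:                                         # header extension present
        if len(datagram) < offset + 4:
            raise ValueError("truncated extension header")
        offset += 4 + 4 * struct.unpack("!H", datagram[offset + 2:offset + 4])[0]
    end = len(datagram) - (datagram[-1] if b0 & 0x20 else 0)   # drop trailing padding
    if offset > end:
        raise ValueError("truncated RTP packet")
    return bool(b1 & 0x80), b1 & 0x7F, ts, ssrc, datagram[offset:end]

def audit_cleartext_dtmf(datagrams, event_pt=TELEPHONE_EVENT_PT):
    """Count distinct DTMF key presses per SSRC visible in unencrypted RTP. Every packet of
    one press carries the press's start timestamp and the end packet (E bit set) is normally
    retransmitted, so presses are deduplicated on (ssrc, timestamp), not counted per packet."""
    presses = set()
    for datagram in datagrams:
        try:
            _marker, pt, ts, ssrc, payload = parse_rtp(datagram)
        except ValueError:
            continue                                      # not RTP, or malformed: skip it
        if pt == event_pt and len(payload) >= 4 and payload[1] & 0x80:
            presses.add((ssrc, ts))
    return dict(Counter(ssrc for ssrc, _ in presses))

# Constructed sample traffic (not a real capture): one PCMU stream carrying two key presses.
def build_rtp(pt, seq, ts, ssrc, payload, marker=False):
    return struct.pack("!BBHII", 0x80, (0x80 if marker else 0) | pt, seq, ts, ssrc) + payload
def dtmf_event(event, end, duration):                # event, E|R|volume (-10 dBm0), duration
    return struct.pack("!BBH", event, (0x80 if end else 0) | 10, duration)
SSRC = 0x1234ABCD
SAMPLE_DATAGRAMS = [
    build_rtp(0, 1, 0, SSRC, b"\xff" * 160),                               # 20 ms of PCMU silence
    build_rtp(101, 2, 160, SSRC, dtmf_event(5, False, 160), marker=True),  # key "5" pressed
    build_rtp(101, 3, 160, SSRC, dtmf_event(5, True, 480)),                # key "5" released...
    build_rtp(101, 4, 160, SSRC, dtmf_event(5, True, 480)),                # ...end packet repeated
    build_rtp(101, 5, 800, SSRC, dtmf_event(11, True, 480), marker=True),  # key "#", single packet
    b"\x80\x00\x01",                                                       # truncated junk, skipped
]
```

Fed the datagrams of a real capture instead of SAMPLE_DATAGRAMS, a non-empty result for an internal call is a direct measure of what an on-path sniffer can read until the audio is encrypted.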