Bisulfide

How people exploit VoIP

Archivado en: Online Technology Resources | 12 October, 2008

Around eight WiFi VoIP handsets and phones have been tested by leading security experts, who say that security problems range from potential DoS attacks to more severe issues that allow “deep access” to the handset that lets unscrupulous individual get hold of any sensitive information on the phone.

Such threats are inevitable. So who should sort it out? It has been suggested that if we see practices like this continue as these devices get more popular then the manufacturers will only have themselves to blame when there’s a widespread attack.

VoIP hacking is the contemporary version of war dialing – a strategy of automatically scanning telephone numbers using a modem, often ringing every phone number in a local area to find where computers or fax machines are available, then attempting to access them by guessing passwords.

Still there are actions people can take to protect themselves. Here’s a list of WiFi VOIP security issues, and some useful ways to guard against them:

Many directions of attack:
As the VoIP phones get more advanced, so could the points of entry for would be hackers. Email, client Web browsers, Bluetooth, SMS, WiFi, media players, and image viewers could all give hackers a point of entry. Though users can use open-source and commercial tools to regularly test their phones and networks, they’ll ultimately have to rely on vendors to also do thorough testing on these devices.

Targeting phones in public environments:
One way of doing this is a Bluetooth scanner could be hidden at the entrance to a major airport or train station and be used to steal user data. It may be best to keep Bluetooth and other wireless features swicthed off when not needed.

Rogue access points:
Meanwhile at the office or on the road, users will have to always be wary and scan for rogue access points. Unscrupulous individuals will set up access points to specifically target WiFi phones in a business environment as well as at conferences and other places business people like to frequent. Good device authentication and encryption can help provide protection here.

Specific attacks:
Select attacks on precise voice-over-wireless networks could also be an issue, although perhaps one that the victims may try to downplay.

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • OnlyWire
  • Socialize-It
  • Digg
  • del.icio.us
  • Furl
  • StumbleUpon
  • Netscape
  • YahooMyWeb
  • Reddit
  • Slashdot
  • Ma.gnolia
  • RawSugar

Comments Off | t | #


Comentarios cerrados para esta entrada.