Voice over IP Security
Security best practices derived from deep analysis of the latest VoIP network threats
Patrick Park
VoIP security issues are becoming increasingly serious because voice networks and services cannot be protected from recent intelligent attacks and fraud by traditional systems such as firewalls and NAT alone. After analyzing threats and recent patterns of attacks and fraud, consideration needs to be given to the redesign of secure VoIP architectures with advanced protocols and intelligent products, such as Session Border Controller (SBC). Another type of security issue is how to implement lawful interception within complicated service architectures according to government requirements.
Voice over IP Security focuses on the analysis of current and future threats, the evaluation of security products, the methodologies of protection, and best practices for architecture design and service deployment. This book not only covers technology concepts and issues, but also provides detailed design solutions featuring current products and protocols so that you can deploy a secure VoIP service in the real world with confidence.
Voice over IP Security gives you everything you need to understand the latest security threats and design solutions to protect your VoIP network from fraud and security incidents.
Patrick Park has been working on product design, network architecture design, testing, and consulting for more than 10 years. Currently Patrick works for Cisco® as a VoIP test engineer focusing on security and interoperability testing of rich media collaboration gateways. Before Patrick joined Cisco, he worked for Covad Communications as a VoIP security engineer focusing on the design and deployment of secure network architectures and lawful interception (CALEA). Patrick graduated from the Pusan National University in South Korea, where he majored in computer engineering.
Understand the current and emerging threats to VoIP networks
Learn about the security profiles of VoIP protocols, including SIP, H.323, and MGCP
Evaluate well-known cryptographic algorithms such as DES, 3DES, AES, RSA, digital signatures (DSA), hash functions (MD5, SHA), and message authentication codes (HMAC)
Analyze and simulate threats with negative testing tools
Secure VoIP services with SIP and other supplementary protocols
Eliminate security issues on the VoIP network border by deploying an SBC
Configure enterprise devices, including firewalls, Cisco Unified Communications Manager, Cisco Unified Communications Manager Express, IP phones, and multilayer switches to secure VoIP network traffic
Implement lawful interception into VoIP service environments
This IP communications book is part of the Cisco Press® Networking Technology Series. IP communications titles from Cisco Press help networking professionals understand voice and IP telephony technologies, plan and design converged networks, and implement network solutions for increased productivity.
Category: Networking—IP Communication
Covers: VoIP Security
Introduction
Part I: VoIP Security Fundamentals 3
Chapter 1: Working with VoIP 5
VoIP Benefits 6
VoIP Disadvantages 8
Sources of Vulnerability 10
IP-Based Network Infrastructure 10
Open or Public Networks 11
Open VoIP Protocol 11
Exposed Interface 11
Real-Time Communications 11
Mobility 11
Lack of Security Features and Devices 11
Voice and Data Integration 12
Vulnerable Components 12
Myths Versus Reality 14
Legacy Versus VoIP Systems 14
Protecting Networks Using Strict Authentication and Encryption 14
Protecting Networks Using a Data Security Infrastructure 15
Summary 15
End Notes 16
References 16
Chapter 2: VoIP Threat Taxonomy 19
Threats Against Availability 20
Call Flooding 20
Malformed Messages (Protocol Fuzzing) 22
Spoofed Messages 24
Call Teardown 25
Toll Fraud 26
Call Hijacking 26
Registration Hijacking 27
Media Session Hijacking 27
Server Impersonating 28
QoS Abuse 29
Threats Against Confidentiality 30
Eavesdropping Media 30
Call Pattern Tracking 32
Data Mining 33
Reconstruction 34
Threats Against Integrity 34
Message Alteration 35
Call Rerouting 35
Call Black Holing 36
Media Alteration 37
Media Injection 37
Media Degrading 38
Threats Against Social Context 38
Misrepresentation 39
Call Spam (SPIT) 39
IM Spam (SPIM) 40
Presence Spam (SPPP) 41
Phishing 42
Summary 43
End Notes 44
References 44
Chapter 3: Security Profiles in VoIP Protocols 47
H.323 48
Overview 48
Components 49
Basic Call Flow 50
Security Profiles 52
H.235 Annex D (Baseline Security) 54
H.235 Annex E (Signature Security) 55
H.235 Annex F (Hybrid Security) 56
SIP 57
Overview 58
Components 58
Basic Call Flow 60
Session Setup Example 61
Security Profiles 67
Digest Authentication 68
Identity Authentication 69
Secure/Multipurpose Internet Mail Extensions (S/MIME) 70
Secure RTP 71
TLS 71
IPSec 73
MGCP 74
Overview 74
Basic Call Flow 75
Security Profiles 75
Summary 78
End Notes 79
References 80
Chapter 4: Cryptography 83
Symmetric (Private) Key Cryptography 84
DES 85
3DES 87
AES 89
SubBytes 89
ShiftRows 90
MixColumns 91
AddRoundKey 92
Asymmetric (Public) Key Cryptography 92
RSA 93
Digital Signature 95
Hashing 96
Hash Function (MD5) 97
SHA 98
Message Authentication Code 99
MAC Versus Digital Signature 100
Key Management 100
Key Distribution 101
Summary 103
End Notes 104
References 104
Chapter 5: VoIP Network Elements 107
Security Devices 108
VoIP-Aware Firewall 108
NAT 109
Session Border Controller 113
Lawful Interception Server 114
Service Devices 116
Customer Premise Equipment 116
Call Processing Servers 117
PAP Versus CHAP 119
RADIUS Versus TACACS+ 120
Summary 120
End Notes 121
References 122
Part II: VoIP Security Best Practices 125
Chapter 6: Analysis and Simulation of Current Threats 127
Denial of Service 128
Intentional Flooding 129
Simulation 129
Analysis 135
Mitigation 137
Unintentional Flooding 138
Analysis 139
Mitigation 141
Malformed Messages 143
Simulation 144
Analysis 150
Mitigation 154
Sniffing/Eavesdropping 154
Simulation 154
Analysis 158
Mitigation 161
Spoofing/Identity Theft 162
Simulation 162
Prespoofing Scan 162
Identity Theft 163
Analysis 164
Mitigation 165
VoIP Spam 165
Voice Spam 165
IM Spam 167
Presence Spam 167
Mitigation 168
Content Filtering 168
Turing Test 168
Reputation System 169
Address Obfuscation 170
Limited-Use Address 171
Consent-Based Black/White List 171
Summary 172
End Notes 173
References 173
Chapter 7: Protection with VoIP Protocol 175
Authentication 175
User-to-Proxy Authentication 176
User-to-User Authentication 179
Encryption 182
Message Encryption (S/MIME) 183
S/MIME Certificates 184
S/MIME Key Exchange 185
Formatting S/MIME Bodies 186
Media Encryption 188
Key Derivation 188
SRTP Packet Processing 190
SRTP Test 191
Transport and Network Layer Security 193
Transport Layer Security 194
IPSec (Tunneling) 195
Threat Model and Prevention 195
Registration Hijacking 195
Impersonating a Server 196
Tearing Down Sessions 196
Denial-of-Service and Amplification 197
Limitations 198
Digest Authentication Limitations 198
S/MIME Limitations 198
TLS Limitations 199
SIPS URI Limitations 199
Summary 200
End Notes 200
References 201
Chapter 8: Protection with Session Border Controller 203
Border Issues 204
Between Access and Core Networks 206
Between Core and Peer Networks 207
Access and Peer SBCs 208
SBC Functionality 208
Network Topology Hiding 208
Example of Topology Hiding 209
DoS Protection 213
Policy-Driven Access Control 213
Hardware Architecture 215
Overload Prevention 216
Registration Timer Control 217
Ping Control 220
Load Balancing 220
NAT Traversal 222
Lawful Interception 224
Other Functions 226
Protocol Conversion 226
Transcoding 226
Number Translation 227
QoS Marking 228
Service Architecture Design 228
High Availability 229
Active-Standby 230
Active-Active 231
Network Connectivity 232
Service Policy Analysis 234
Virtualization 237
Optimization of Traffic Flow 239
Deployment Location 239
Media Control 240
Summary 245
End Notes 246
References 246
Chapter 9: Protection with Enterprise Network Devices 249
Firewall 249
ASA and PIX Firewalls 251
Routed Mode 251
Transparent Mode 252
TLS Proxy Feature 253
Configuration Example 254
FWSM Firewall 256
Routed Mode 256
Transparent Mode 256
Configuration Example 257
Limitations 258
Unified Communications Manager Express 259
Access Control 259
Phone Registration Control 261
Secure GUI Management 263
Class of Restriction 264
After-Hours Call Blocking 266
Unified Communications Manager 267
Security Features and Certificates 267
Integrity and Authentication 269
Image Authentication 270
Device Authentication 270
File Authentication 270
Signaling Authentication 271
Digest Authentication 271
Authorization 272
Encryption 273
Signaling Encryption 273
Media Encryption 274
Configuration File Encryption 275
Configuration Guideline 275
Access Devices 277
IP Phone 278
Switch 278
Mitigate MAC CAM Flooding 278
Prevent Port Access 279
Prevent Network Extensions 280
Prevent Fraudulent DHCP Server 280
Mitigate DHCP DoS Attacks 281
Limit ARP Responses 282
VLAN ACL 282
Deployment Example 284
Summary 286
End Notes 287
References 287
Part III: Lawful Interception (CALEA) 289
Chapter 10: Lawful Interception Fundamentals 291
Definition and Background 292
Requirements from Law Enforcement Agents 293
Reference Model from an Architectural Perspective 294
AF (Access Function) 295
DF (Delivery Function) 295
CF (Collection Function) 296
SPAF (Service Provider Administration Function) 297
LEAF (Law Enforcement Administration Function) 297
Request and Response Interfaces 297
Operational Considerations 300
Detection by the Target Subscriber 300
Address Information for Call Content Interception 301
Content Encryption 302
Unauthorized Creation and Detection 303
Call Forwarding or Transfer 303
Capacity 304
Summary 304
End Notes 305
Chapter 11: Lawful Interception Implementation 307
Intercept Request Interface 308
SIP P-DCS Header 309
Intercept Process Flow for Outbound Call 310
Intercept Process Flow for Inbound Call 311
Cisco SII 313
Device Interfaces 314
Intercept Process Flow for Standard Call 316
Intercept Process Flow for Forwarding Call 319
Intercept Process Flow for Conference Call 322
Predesign Considerations 325
Security Considerations 326
Configuration Example 327
Call Data and Content Connection Interfaces 329
Call Content Connection Interface 330
Call Data Connection Interface 333
CDC Messages 333
Interface Between MD and LEA 339
Summary 341
End Notes 342
References 342
Index 345