Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Question on VoIP security

from [Chris Serafin] Network Security [Permanent Link]
Subject: RE: Question on VoIP security
Date: Tue, 20 Dec 2005 22:11:33 -0600 
I am from a security pen test background but was hired with a Cisco VoIP
shop.  So naturally I wanted to experiment with VoIP pen testing.  

Sivus: VoIP vuln scanner:
http://www.vopsecurity.org/html/tools.html

Voice Over Misconfigured Internet Telephones: VOMIT:
http://vomit.xtdnet.nl/

Cain n Able:
http://www.oxid.it/cain.html

http://www.contractoruk.com/news/001864.html

I will be dedicating a lot of time researching this subject, once I pass my
damn QoS test!!! More to come!

Chris Serafin
IT Security / Voice Engineer
chris@chrisserafin.com





-----Original Message-----
From: Rodrigo Blanco [mailto:rodrigo.blanco.r@gmail.com] 
Sent: Sunday, December 18, 2005 7:01 AM
To: security-basics@securityfocus.com
Subject: Question on VoIP security

Hello list,

I am currently facing an Intranet VoIP project (will be restricted to
1 organization's Intranet, geographically disperse), from the security
standpoint. So, I have to propose a security architecture for a
SIP-based VoIP deployment. Vendor is still a variable, so it should be
as vendor-independent as possible (but it will probably be Cisco /
Nortel).

Does anyone have information on the currently security practices used
to protect the confidentiality, integrity and guarantee access control
in the VoIP services network?

If you can provide me with general principles, and perhaps links to
documents describing the security problems I should consider, these
would be more than welcome.

Thanks in advance and best regards,
Rodrigo.

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning,

Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfoc_ml
----------------------------------------------------------------------------




---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: EU approves data retention rules, Alessandro Bottonelli
Next by Date:  RE: secure live-cd, Chris Serafin
Previous by Thread:  Re: Question on VoIP security, Dave Dearinger
Next by Thread:  RE: Question on VoIP security, Hayes, Ian
Indexes:  [Date] [Thread] [Top] [All Lists]