Overview

Sidestep VoIP Catastrophe the Foolproof Hacking Exposed Way This book illuminates how remote users can probe, sniff, and modify your phones, phone switches, and networks that offer VoIP services. Most importantly, the authors offer solutions to mitigate the risk of deploying VoIP technologies. --Ron Gula, CTO of Tenable Network Security Block debilitating VoIP attacks by learning how to look at your network and devices through the eyes of the malicious intruder. Hacking Exposed VoIP shows you, step-by-step, how online criminals perform reconnaissance, gain access, steal data, and penetrate vulnerable systems. All hardware-specific and network-centered security issues are covered alongside detailed countermeasures, in-depth examples, and hands-on implementation techniques. Inside, you'll learn how to defend against the latest DoS, man-in-the-middle, call flooding, eavesdropping, VoIP fuzzing, signaling and audio manipulation, Voice SPAM/SPIT, and voice phishing attacks. Find out how hackers footprint, scan, enumerate, and pilfer VoIP networks and hardware Fortify Cisco, Avaya, and Asterisk systems Prevent DNS poisoning, DHCP exhaustion, and ARP table manipulation Thwart number harvesting, call pattern tracking, and conversation eavesdropping Measure and maintain VoIP network quality of service and VoIP conversation quality Stop DoS and packet flood-based attacks from disrupting SIP proxies and phones Counter REGISTER hijacking, INVITE flooding, and BYE call teardown attacks Avoid insertion/mixing of malicious audio Learn about voice SPAM/SPIT and how to prevent it Defend against voice phishing and identity theft scams

Full Product Details

9780072263640

Table of Contents

Reviews

Author Information

David Endler is the director of security research for 3Com's security division, TippingPoint, where he oversees product security testing, the VoIP security research center, and their vulnerability research team. While at TippingPoint, David founded an industry-wide group called the Voice over IP Security Alliance (VOIPSA) in 2005. VOIPSA's mission is to help VoIP adoption by promoting the current state of VoIP security research, testing methodologies, best practices, and tools. David is currently the chairman of VOIPSA which boasts over 100 members from the VoIP vendor, carrier, and security space (http://www.voipsa.org). Prior to TippingPoint, David was the technical director at security services startup, iDefense, Inc. which was acquired by VeriSign. iDefense specializes in cyber security intelligence, tracking the activities of cyber-criminals and hackers, in addition to researching the latest vulnerabilities, worms, and viruses. Prior to iDefense, David spent many years in cutting edge security research roles with Xerox Corporation, the National Security Agency, and Massachusetts Institute of Technology. As an internationally recognized security expert, David is a frequent speaker at major industry conferences and has been quoted and featured in many top publications and media programs including the Wall Street Journal, USA Today, BusinessWeek, Wired Magazine, the Washington Post, CNET, Tech TV, and CNN. David has authored numerous articles and papers on computer security, and was named one of the Top 100 voices in IP Communications by IP Telephony Magazine. David is a Summa Cum Laude graduate from Tulane University where he earned a Bachelors degree and Masters degree in Computer Science. Mark Collier is the Chief Technology Officer at SecureLogix corporation, where he directs the companies Voice Over IP (VoIP) security research and development. Mark also defines and conducts VoIP security assessments for SecureLogix's enterprise customers. Mark is actively performing research for the US Department of Defense, with a focus on developing SIP vulnerability assessment tools. Prior to SecureLogix, Mark was with Southwest Research Institute (SwRI), where he directed a group performing research and development in the areas of computer security and information warfare. Mark is a frequent speaker at major voice and security conferences. Mark has authored numerous articles and papers on VoIP security. Mark is also a founding member of the Voice Over IP Security Alliance (VoIPSA). Mark is a Magna Cum Laude graduate from St. Mary's University, where he earned a Bachelors degree in Computer Science.

Tab Content 6

Customer Reviews

Recent Reviews

Countries Available