August 6, 2006
Securing VoIP
Few would doubt that Voice over IP (VoIP) has become a viable alternative to the traditional PSTN (Public Switched Telephone Network). Many companies have already moved at least a portion of their voice network to VoIP solutions. Although attacks have not yet become widespread, security needs to be a concern when it comes to VoIP.
With the traditional PSTN, mounting an attack is fairly difficult. Physical access to the wire is required to intercept a call. While it is possible to tap the wire just outside the building, doing so would be quite risky, and gaining access to the internal workings of the telephone network for the purpose of call interception would be nearly impossible (Lookabaugh and Sicker, 2004). Other advantages the PSTN has over VoIP networks are ease of use and user familiarity. For most users the telephone just works, and works instantly, without any complicated process to get it going. This presents a challenge when implementing security solutions for VoIP networks: anything that deviates from what users expect of a phone will be seen as a nuisance and an impediment to productivity (Lookabaugh and Sicker, 2004).
There are three main aspects that need to be addressed when securing a Voice over IP network. The first, and easiest to address, is physical access to the phones. This may seem obvious, but physical security is one of the most often overlooked components of network defense. Phones should be secured at the very least by password authentication; biometric authentication devices would be an improvement over passwords. The phones themselves may also be running other applications. Companies should protect themselves by analyzing these applications and determining which ports they leave open and which vulnerabilities might be exploitable (Schwartz, 2006). Where such a vulnerability is found, every attempt should be made to disable that service or to block the ports it uses at the firewall.
The second element that needs to be secured is the communications channel. With the PSTN, this security was maintained by the phone company by strictly limiting access to the infrastructure. With calls going out over the Internet, that security is no longer guaranteed: voice transmissions over the Internet are exposed to the same kinds of threats as any other application running over TCP/IP. To maintain the level of security afforded by the PSTN, a secure connection must be established. Establishing this connection, however, can raise quality of service issues. “Methods that may work well for securing data packets would decrease call quality too drastically” (Parizo, 2004). To avoid this quality of service issue, companies must use UDP-based VPNs between sites. Because TCP is a “reliable” protocol, that is, it verifies packet delivery and resends lost packets, it is unsuitable for voice connections: retransmission of lost voice packets would make communication unintelligible (Pitz, 2006). One UDP-based VPN solution is “OpenVPN,” an open source VPN application (Clark and Wink, 2005).
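To make the retransmission argument concrete, here is a small playout model (an added illustration, not code from the original essay or from any of the cited sources). It assumes 20 ms voice frames, a 60 ms jitter buffer, a 40 ms one-way delay and a 100 ms RTT, all constructed values, and counts how many frames miss their playout deadline when a lost frame is simply dropped (UDP/RTP) versus when it is retransmitted and everything behind it waits (TCP-style in-order delivery).

```python
# Added illustration (not from the original essay): a playout model showing why an
# in-order, retransmitting transport (TCP-style) is a poor fit for voice, while
# UDP/RTP drops the lost frame and keeps going. All numbers are constructed.

FRAME_MS = 20            # one voice frame every 20 ms (typical packetisation interval)
JITTER_BUFFER_MS = 60    # receiver holds each frame this long before playing it


def udp_arrivals(n_frames, lost, one_way_ms):
    """UDP/RTP: frame i arrives at i*FRAME_MS + one_way_ms, or never (None) if lost.
    No retransmission and no ordering dependency between frames."""
    return [None if i in lost else i * FRAME_MS + one_way_ms for i in range(n_frames)]


def tcp_arrivals(n_frames, lost, one_way_ms, rtt_ms):
    """TCP-style: a lost segment is retransmitted and arrives about one RTT later,
    and every later segment is held back until the gap is filled (in-order delivery)."""
    arrivals, release = [], 0
    for i in range(n_frames):
        t = i * FRAME_MS + one_way_ms
        if i in lost:
            t += rtt_ms                  # recovered by retransmission
        t = max(t, release)              # head-of-line blocking behind an earlier gap
        release = t
        arrivals.append(t)
    return arrivals


def unusable_frames(arrivals, one_way_ms):
    """A frame is useless if it never arrives or arrives after its playout instant."""
    late = 0
    for i, t in enumerate(arrivals):
        playout = i * FRAME_MS + one_way_ms + JITTER_BUFFER_MS
        if t is None or t > playout:
            late += 1
    return late


def compare(n_frames, lost, one_way_ms=40, rtt_ms=100):
    """Return (udp_unusable, tcp_unusable) for the same loss pattern."""
    return (
        unusable_frames(udp_arrivals(n_frames, lost, one_way_ms), one_way_ms),
        unusable_frames(tcp_arrivals(n_frames, lost, one_way_ms, rtt_ms), one_way_ms),
    )


if __name__ == "__main__":
    # Constructed scenario: five seconds of speech with three isolated packet losses.
    udp, tcp = compare(250, {5, 80, 160})
    print(f"UDP/RTP: {udp} unusable frames; TCP-style: {tcp} unusable frames")
```

With a single loss the UDP receiver conceals one frame, whereas the in-order model also stalls the frame behind it past its deadline; a burst of losses widens that stall further.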
While establishing a VPN tunnel provides a layer of security inside the network, encryption is needed to secure the transmission once it leaves the network for the wilderness of the Internet. This again poses a quality of service issue, since many encryption methods designed for data networks are unsuitable for a voice application. To address this issue, the Secure Real Time Protocol was developed (Pitz, 2006). SRTP adds an encryption layer to RTP, the standard VoIP protocol, using the widely accepted DES or RSA encryption standards.
Finally, a company must separate and protect the VoIP application server itself. As with all systems, IT departments must deploy these systems in accordance with established standards and best practices. This includes, but is not limited to, closing all unnecessary ports and services, limiting user access, and maintaining operating system and application patch levels. It is also a good idea to jail the VoIP application in a restricted environment, so that if the VoIP software is compromised the underlying system remains intact. Traffic from the VoIP server to the clients should be restricted to its own virtual LAN (Schwartz, 2006). This ensures that all traffic on that segment is VoIP traffic, and makes it easier to monitor for suspicious activity.
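As an added example for the port-audit advice given for both the phones (first point) and the server (this point), and not code from the original essay, the following script checks a host's listening sockets against a VoIP baseline so that anything outside the expected SIP, RTP and administrative set stands out. The `ss -lntu` sample output, the allowed port set and the RTP media range are constructed assumptions; match them to the PBX actually in use.

```python
# Added example (not from the original essay): audit a host's listening sockets against
# a VoIP baseline. The sample below is constructed in the format of `ss -lntu` on Linux;
# the allowed ports and RTP range are assumptions to be adjusted for the real PBX.

SAMPLE_SS_OUTPUT = """\
Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:5060        0.0.0.0:*
udp   UNCONN 0      0      [::]:5060           [::]:*
udp   UNCONN 0      0      0.0.0.0:16384       0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
tcp   LISTEN 0      5      0.0.0.0:23          0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:8080      0.0.0.0:*
"""

# Baseline for a SIP/RTP server: signalling, a media port range, and SSH for administration.
ALLOWED_PORTS = {("udp", 5060), ("tcp", 22)}
RTP_RANGE = ("udp", 10000, 20000)   # hypothetical media range; take it from the PBX config


def parse_listeners(text):
    """Return (proto, address, port) for each socket line; the header row is skipped."""
    listeners = []
    for line in text.splitlines()[1:]:
        fields = line.split()
        if len(fields) < 5:
            continue
        proto, local = fields[0], fields[4]
        addr, port = local.rsplit(":", 1)        # also handles "[::]:5060"
        listeners.append((proto, addr, int(port)))
    return listeners


def is_expected(proto, port):
    rtp_proto, lo, hi = RTP_RANGE
    return (proto, port) in ALLOWED_PORTS or (proto == rtp_proto and lo <= port <= hi)


def unexpected_listeners(text, ignore_loopback=True):
    """Sockets outside the VoIP baseline; loopback-only listeners are skipped by default."""
    findings = []
    for proto, addr, port in parse_listeners(text):
        if ignore_loopback and addr.startswith(("127.", "[::1]")):
            continue
        if not is_expected(proto, port):
            findings.append((proto, addr, port))
    return findings


if __name__ == "__main__":
    for proto, addr, port in unexpected_listeners(SAMPLE_SS_OUTPUT):
        print(f"unexpected listener: {proto} {addr}:{port}")
```

Run against live output (`ss -lntu | python3 audit.py` with a small stdin wrapper) the same check flags services such as telnet on a phone or a forgotten management port on the server.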
With diligence, Voice over IP can be deployed securely. Done properly, switching to VoIP can save a company a great deal of money compared with the traditional phone company. If these guidelines are ignored, however, a company’s voice communications become every bit as vulnerable as unencrypted email: an industrial spy could easily capture phone conversations with an ordinary packet sniffer and recording software. This is a gamble most organizations cannot afford to lose.
August 1, 2006, from Web site: www.softwink.com/papers/Installation_Securing_VoIP_With_Linux/
August 1, 2006, from Web site: www.acmqueue.org/modules.php?name=Content&pa=showpage&pid=209&page=1
August 1, 2006, from Web site: esj.com/Security/article.aspx?EditorialsID=1971
Parizo, E. (2004). VoIP security daunting, but possible. Retrieved August 1, 2006, from Web site: searchvoip.techtarget.com/originalContent/0,289142,sid66_gci1028157,00.html