Author: Valter Popeskic

Vishing and Toll Fraud

Vishing is quite similar to the term Phishing and it means collecting private information over the telephone system.

In the technical language the terminology of phishing is a recent addition. The main concept behind phishing is that –mail is sent to user by an attacker. The e-mail looks like a form of ethical business. The user is requested to confirm her/his info or data by entering that data on the web page, such as his/her “social security number”, even “bank or credit card account” number, “birth date”, or mother’s name. The attacker can then take this information provided by the user for unethical purposes.

The Attack of SIP protocol

We previously discussed in this blog the SIp protocol. We have also said that “Session Initiation Protocol” (SIP) is becoming popular quite fast and it has also achieved quick acceptance in “mixed-vendor VoIP networks”. One of the most striking properties of SIP is its use of “existing protocols”. And by default, SIP messages are sometimes sent in the form of plain (normal) text.

This is quite unfortunate as the very properties that make SIP striking can also be leveraged by attackers to make a compromise regarding the security of a particular SIP network.

VoIP spam

Until and unless your e-mail account is guarded well with the help of a “spam filter”, you most likely and infrequently receive unwanted e-mails. Spam is annoying and irritating for the person using e-mails. VoIP supervisors and administrators should be well aware and familiar with VoIP spam, which is generally known as (SPIT) “spam over IP telephony”.

These days IP phones are easily obtainable and abundant in many corporate fields, they have become striking targets for attackers. Also VoIP administrators should keep an eye against VoIP differences, of fishing and spam as both are very popular in e-mail fields, and also as toll fraud, which is rather frequent in PBX fields. This article is about mentioning all the popular attack targets for a VoIP network and seeing how there are deployed.

BGP is the Internet routing protocol. He is making the Internet work.

BGP protocol performs actions by maintaining IP networks table for the biggest network in the world – The Internet. The BGP protocol, as a code of behavior, supported core routing decisions over the Internet.  Instead of using traditional IGP (Interior Gateway Protocol) metrics, BGP protocol relies upon available path, network guidelines and rule-sets for routing decision making purposes. And just for this feature, it is sometimes expressed as a reachability protocol. The main idea behind the BGP creation was to replace the EGP (Exterior Gateway Protocol) to permit a complete decentralized routing. NSFNET backbone is the best example of a decentralized system.