Category: Security

We can protect our voice network with simple Auxiliary VLAN but sometimes to be more secure Auxiliary VLAN are not enough. In this case we can use Security appliances such firewalls or VPN termination devices or both.

Firewall maybe seems like very clean and simple mechanism to protect RTP protocols transmitted voice packets but there’s a problem. Protecting voice networks with a firewall is not so simple because we are not sure what UDP port will be used by the RTP voice packets flow.

If we look at some Cisco network architecture and Cisco device environment, a UDP port for an RTP stream is an random port selected from the pool of 16,384 to 32,767. We surely don’t want to open all those ports on firewall just to be sure that the VoIP will function well. So many open ports may be seen from other side like a bunch of security holes.

Ways to ensure the voice network security are many. In this article we will se the first of them that must be configured in every serious network. Implementing Auxiliary VLANs will make VoIP Networks more secure using separated VLANS for data traffic and voice.

Voice and data traffic will be transferred in the same way across the same cable and same switch by default. That means that calls and all other network traffic will be transferred in the same time in the same way and every user on the network will be able to see that data using some network sniffing tool like Wireshark. This default network setting may be used to capture call packets that are crossing the network and attacker can reproduce the call in .mp3 or some other sound format. We need to separate voice network from data network completely in order to make impossible to sniff call packets from user computer. 

We mentioned earlier all different attacks that can be focused to our VoIP network. Now is the time to see how we can apply different protection methods to avoid VoIP quality mitigation that can be started by all those attacks.

Separating voice traffic from data traffic with voice VLANs or by use of VPNs and firewall to protect voice traffic can easily prevent basically all most common attacks. One more thing that is important and often ignored is the security of voice endpoints and servers that can be increased with some simple configuration changes.

Cyber intellect worm “Flame” came up to notice of the experts first time at Kaspersky Lab when a specialized agency of UN “International Telecommunication Union” (in charge of information and communiqué technologies) approaches to these experts for assistance in finding an unfamiliar and mysterious malware. The Flame as a powerful computer virus has removed the highly sensitive information all over the Middle East; especially it has affected the Iran mainly.

Vishing and Toll Fraud

Vishing is quite similar to the term Phishing and it means collecting private information over the telephone system.

In the technical language the terminology of phishing is a recent addition. The main concept behind phishing is that –mail is sent to user by an attacker. The e-mail looks like a form of ethical business. The user is requested to confirm her/his info or data by entering that data on the web page, such as his/her “social security number”, even “bank or credit card account” number, “birth date”, or mother’s name. The attacker can then take this information provided by the user for unethical purposes.