Tag: security

We all are familiar with the term ‘firewall’ but majority of us don’t know the source of its origination. It is actually a terminology used for describing a part of automobile that separated the automobile’s interior from the compartment of engine. In the world of network this term is used metaphorically to show the way internal networks are separated from the hazards of external world. With the help of firewalls the networks are divided into various physical networks and as a result of this the occurrence of potential damages can be controlled otherwise these damages can spread to different subnets.

This works in the same way as the original firewalls worked to stop the spreading of a fire.

Ways to ensure the voice network security are many. In this article we will se the first of them that must be configured in every serious network. Implementing Auxiliary VLANs will make VoIP Networks more secure using separated VLANS for data traffic and voice.

Voice and data traffic will be transferred in the same way across the same cable and same switch by default. That means that calls and all other network traffic will be transferred in the same time in the same way and every user on the network will be able to see that data using some network sniffing tool like Wireshark. This default network setting may be used to capture call packets that are crossing the network and attacker can reproduce the call in .mp3 or some other sound format. We need to separate voice network from data network completely in order to make impossible to sniff call packets from user computer. 

Vishing and Toll Fraud

Vishing is quite similar to the term Phishing and it means collecting private information over the telephone system.

In the technical language the terminology of phishing is a recent addition. The main concept behind phishing is that –mail is sent to user by an attacker. The e-mail looks like a form of ethical business. The user is requested to confirm her/his info or data by entering that data on the web page, such as his/her “social security number”, even “bank or credit card account” number, “birth date”, or mother’s name. The attacker can then take this information provided by the user for unethical purposes.

The Attack of SIP protocol

We previously discussed in this blog the SIp protocol. We have also said that “Session Initiation Protocol” (SIP) is becoming popular quite fast and it has also achieved quick acceptance in “mixed-vendor VoIP networks”. One of the most striking properties of SIP is its use of “existing protocols”. And by default, SIP messages are sometimes sent in the form of plain (normal) text.

This is quite unfortunate as the very properties that make SIP striking can also be leveraged by attackers to make a compromise regarding the security of a particular SIP network.

VoIP spam

Until and unless your e-mail account is guarded well with the help of a “spam filter”, you most likely and infrequently receive unwanted e-mails. Spam is annoying and irritating for the person using e-mails. VoIP supervisors and administrators should be well aware and familiar with VoIP spam, which is generally known as (SPIT) “spam over IP telephony”.