Dedicated VoIP over local area networks (LAN) / wide area networks (WAN)
A dedicated VoIP over a LAN / WAN configuration may also be described as enterprise-dedicated VoIP. These deployments represent the use of VoIP within the network definition of a single enterprise — transmitting voice traffic over dedicated facilities between offices. The “dedicated” label implies that the traffic does not connect with an outside service provider framework such as the public switched telephone network (PSTN) or that of an Internet service provider (ISP). This label and construct does not imply that this structure is free from attack.
Open VoIP and the PSTN
Open VoIP and the PSTN refers to deployments where voice calls either originate or terminate in traditional analog form and at switch to the PSTN for a portion of the call. In this case, the analog portion of the calls would take place outside of the enterprise. The term “open” implies that at some point the call travels over an uncontrolled — from the enterprise’s perspective — or unsecured network.
Open VoIP and an ISP
Open VoIP and an ISP deployment involves a minimum of two stages in the IP portion of call handling, where calls originate or terminate on the enterprise’s IP network and at some point are handled by the IP network of an ISP. These calls may also be analog and travel over the PSTN at some point, depending on the technology at the originating or terminating point. Again, “open” refers to the fact that at some point, the call is outside the control and oversight of the enterprise.
VoIP networks exist and operate in a state of high vulnerability simply due to the nature of how and under what metrics they are initially deployed. Organizations deploying VoIP today initiate the process with a primary or sole focus on throughput and quality of service.
Security issues are often secondary if considered at all. Service quality is and always will be an important component of voice transmission in both analog and digital forms. However, organizations must realize that voice in a digital packet form is highly susceptible to the same — or possibly greater — number of attacks as the core data network.
VoIP is Data
VoIP is data and is transmitted in digital packet form. This means that the voice transmissions can be now attacked, hacked, intercepted, manipulated, re-routed and degraded just as any data packet on the data network can. Viruses, worms, trojan horses, denial of service attacks and hijacking are all possibilities on the VoIP network.
Immature VoIP-Oriented Operating Systems
VoIP is a nascent market and early-adopted technology, and the underlying operating systems that deploy and support VoIP processing can be viewed similarly, which means that these operating systems and applications are as vulnerable as data network-based operating systems were in the early stages of their development and deployment.
Operating systems and supporting applications are also often installed using their default configuration, which has little or no security structure, therefore ensuring that the system or application is vulnerable from the moment it becomes operational.
Where VoIP is Vulnerable
VoIP deployments generally make use of at least three tangible components and operate over various signaling and transport protocols. The components and protocols play a vital role in the management and transmission of the data packets, and also represent weak points and opportunities for malicious activities.
The End Points/Customer Premise Equipment
The IP Phone is a new desktop phone configured and equipped specifically for IP-based voice calls. Vulnerabilities in the underlying operating system and supporting software dedicated to the specific unit introduce risks.
The PC-Based IP Phone, a software application that provides IP phone capabilities via the user’s PC, is susceptible to attack as a result of its relation to the underlying operating system and installed applications on the PC. In addition, the PC resides on the data segment of the portioned network, which may allow for crossover attacks originated in the VoIP segment and vice versa.
The Central Administration/Call Processing and Management Application
The central administration/call processing and management application acts as the “switch” for IP-based voice traffic. This application often is installed and runs on a dedicated server or PC and is subject to the same security issues as any server or PC in the network or enterprise. The central administration/call processing and management application is the most vital link in the VoIP architecture but is seen as the “single point of failure” and therefore may be the most common target of attack.
The Voice Mail System/Server The voice mail system/server is the storage, retrieval and “auto-attendant” mechanism for IP-based voice mail. The voice mail server would be a likely target for “prank-oriented” attacks — such as altering messages — in addition to standard attacks such as eavesdropping, spamming and others.
The Protocols VoIP utilizes several protocols for establishing, maintaining, transporting and terminating the voice calls represented by digitized voice packets. The call or session management protocols (Session Initiation Protocol or SIP and H.323) are responsible for establishing, maintaining and terminating the call and are susceptible to common attacks such as attempts to overflow one of the central administration/call processing and management application’s buffer, which the attacker uses to establish “root access.” The call transport protocols, such as Real-Time Transfer Protocol (RTP), will undoubtedly present vulnerabilities themselves due to the fact that they are relatively new and evolving and have yet to receive a great deal of “real world hardening.”
How VoIP Can Be Exploited
As illustrated earlier, VoIP has inherent weaknesses and is vulnerable at multiple points in the framework. VoIP must be secured in order to ensure the availability of the voice system, protect the content value of voice conversations and protect the integrity of the overall communications system.
Due to its default construction and deployment, VoIP is susceptible to a number of easily anticipated and defined attacks.