The following is a technical article explaining how to protect a business from some of the pitfalls of a comprehensive business VoIP solution. Vigilance protects both the business and its VoIP service, and taking action early prevents attacks against the business before they happen.
Security Checklist for VoIP Service Providers
By Dave Gladwin
It is often said that understanding the problem is 90% of the solution, and VoIP security is no exception. Fear of the unknown is what tends to provoke a knee-jerk reaction of panic, so the first step is to understand the threats and then classify them. We also have to ask: what does security mean to me, and what does it mean to my customers?

Security to the customer means protecting their device, their identity and the continuity of their service. Security to the service provider means protecting their network, their revenue and their customers. In this feature we will look at service disruption and service theft.
Disruption
A service can be disrupted by breaking the user's device, flooding the IP network with traffic or breaking the service provider's infrastructure. Disruption is usually achieved through logic attacks, flood attacks or application-layer attacks.
• Logic attacks exploit vulnerabilities in protocols or their implementations, e.g. Ping of Death, Teardrop, Land etc.
• Flood attacks disable targets through traffic volume; a flood attack can originate from a single platform or from multiple platforms.
• Application-layer attacks include SIP-SPAM and identity forging.
We can also divide the attacks by the layer they target:

IP layer:          IP logic attack / IP flood attack
SIP layer:         SIP logic attack / SIP flood attack
Application layer: application-layer attack
IP Logic Attacks
IP logic attacks on SIP devices are no different from those on any other IP device; they include well-known exploits such as Ping of Death, Teardrop, Land, Chargen and out-of-sequence packets. Any of these can disable a device that has not been fully tested to protect itself against them.
IP Flood Attacks
IP flood attacks include the SYN flood (TCP SYN floods are one of the oldest DoS attacks in existence), the Smurf attack, the Fraggle attack and so on. These attacks are designed either to overcome the device by tying up its resources or simply to overwhelm the network through the sheer weight of traffic.
SIP Logic Attacks
SIP logic attacks exploit weaknesses in SIP signalling implementations. Incomplete or incorrect fields and invalid message types can disable not only client devices but also core network devices. This type of attack can be countered by thoroughly testing all devices against suites such as the IETF SIP torture tests developed through the SIPit events, or the PROTOS test suite developed by the University of Oulu.
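As an added illustration of the checks just described (example code written for this edition, not from the article or any SBC vendor), here is a conservative validator for inbound SIP requests: it rejects unknown methods, missing mandatory headers, a CSeq that disagrees with the request line, and a Content-Length that does not match the body received. The allowed-method set, the 4 KB size ceiling and the sample messages are assumptions constructed for the example.

```python
"""Validate an inbound SIP request before it reaches a softswitch.

Added example (not code from the article): a conservative front-end check
that rejects the message classes the article describes as logic attacks,
i.e. incomplete or incorrect fields and unknown message types. The sample
messages at the bottom are constructed for the example.
"""
import re

# Methods this front end is willing to forward; anything else is dropped.
ALLOWED_METHODS = {"INVITE", "ACK", "BYE", "CANCEL", "REGISTER", "OPTIONS"}
# Headers RFC 3261 requires in every request.
MANDATORY_HEADERS = ("via", "from", "to", "call-id", "cseq", "max-forwards")
# Compact header names RFC 3261 allows, mapped to their long forms.
COMPACT = {"v": "via", "f": "from", "t": "to", "i": "call-id",
           "m": "contact", "l": "content-length", "c": "content-type"}
REQUEST_LINE = re.compile(r"^([A-Z]+) (\S+) SIP/2\.0$")
MAX_MESSAGE_BYTES = 4096  # assumed ceiling; a real SBC makes this configurable


def validate_sip_request(raw: bytes):
    """Return (ok, reason) for one datagram holding a SIP request."""
    if len(raw) > MAX_MESSAGE_BYTES:
        return False, "oversized message"
    if b"\r\n\r\n" not in raw:
        return False, "no header terminator"
    head, body = raw.split(b"\r\n\r\n", 1)
    try:
        lines = head.decode("ascii").split("\r\n")
    except UnicodeDecodeError:
        return False, "non-ASCII bytes in headers"
    m = REQUEST_LINE.match(lines[0])
    if not m:
        return False, "malformed request line"
    method, uri = m.group(1), m.group(2)
    if method not in ALLOWED_METHODS:
        return False, f"method not allowed: {method}"
    if not uri.lower().startswith(("sip:", "sips:", "tel:")):
        return False, "unsupported request-URI scheme"
    headers, last = {}, None
    for line in lines[1:]:
        if line[:1] in (" ", "\t"):            # folded continuation line
            if last is None:
                return False, "continuation line before any header"
            headers[last][-1] += " " + line.strip()
            continue
        if ":" not in line:
            return False, "header line without a colon"
        name, value = line.split(":", 1)
        name = name.strip().lower()
        name = COMPACT.get(name, name)
        headers.setdefault(name, []).append(value.strip())
        last = name
    for h in MANDATORY_HEADERS:
        if h not in headers:
            return False, f"missing header: {h}"
    # CSeq is "<number> <method>" and its method must match the request line.
    cseq = headers["cseq"][0].split()
    if len(cseq) != 2 or not cseq[0].isdigit() or cseq[1] != method:
        return False, "bad CSeq"
    mf = headers["max-forwards"][0]
    if not mf.isdigit() or int(mf) > 255:
        return False, "bad Max-Forwards"
    # A Content-Length that disagrees with the body received is a classic
    # way to desynchronise a parser, so it is rejected outright.
    if "content-length" in headers:
        cl = headers["content-length"][0]
        if not cl.isdigit() or int(cl) != len(body):
            return False, "Content-Length does not match body"
    return True, "ok"


# Constructed sample messages (RFC 5737 documentation addresses).
GOOD_INVITE = (
    b"INVITE sip:bob@example.com SIP/2.0\r\n"
    b"Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bK776asdhds\r\n"
    b"Max-Forwards: 70\r\n"
    b"From: <sip:alice@example.com>;tag=1928301774\r\n"
    b"To: <sip:bob@example.com>\r\n"
    b"Call-ID: a84b4c76e66710@192.0.2.10\r\n"
    b"CSeq: 314159 INVITE\r\n"
    b"Content-Length: 0\r\n\r\n"
)
MISSING_CALL_ID = GOOD_INVITE.replace(b"Call-ID: a84b4c76e66710@192.0.2.10\r\n", b"")
UNKNOWN_METHOD = GOOD_INVITE.replace(b"INVITE sip:", b"FOOBAR sip:")
BAD_LENGTH = GOOD_INVITE.replace(b"Content-Length: 0", b"Content-Length: 25")

if __name__ == "__main__":
    for name, msg in [("good", GOOD_INVITE), ("no Call-ID", MISSING_CALL_ID),
                      ("unknown method", UNKNOWN_METHOD), ("bad length", BAD_LENGTH)]:
        print(name, validate_sip_request(msg))
```

The check is deliberately strict rather than lenient: a front end that forwards whatever it cannot parse simply moves the logic attack one hop closer to the softswitch, which is the opposite of the compartmentalisation the article recommends.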
A more sophisticated attack is to inject messages into a call to terminate it prematurely. This can be largely avoided by using strong authentication: an injected message fails authentication and is therefore rejected.
SIP Flood Attacks
SIP flood attacks exploit weaknesses higher up the communications stack, where each message requires more processing resources. As a consequence, a much smaller flood is enough to cause disruption. For example, one or more devices may send multiple registrations or call requests to a server.
Countering this type of disruption requires network-based devices such as Session Border Controllers (SBCs) to police the signalling stream and rate-limit registrations and calls towards the softswitches to predetermined limits. Acting as a proxy in the signalling stream, the SBC can also filter inappropriate protocols, IP DoS attacks and invalid SIP messages. This helps compartmentalise the network and restricts any disruption to a single network segment.
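An added example of the rate limiting an SBC applies (example code, not the article's or any vendor's): a token bucket per source address and request type, replayed over constructed signalling events in which one source floods REGISTERs while another behaves normally. The policy figures (2 REGISTER/s with a burst of 5, 1 INVITE/s with a burst of 3) and the addresses are assumptions chosen for the example.

```python
"""Per-source token-bucket policing of SIP REGISTER and INVITE rates.

Added example in the style of the SBC rate limiting the article describes;
not vendor code. Policy values and replayed events are constructed.
"""
from collections import defaultdict

# Assumed policy per source address and request type:
# (sustained rate in requests per second, burst size).
POLICY = {
    "REGISTER": (2.0, 5),
    "INVITE": (1.0, 3),
}


class TokenBucket:
    """Classic token bucket: refills at `rate` per second up to `burst`."""

    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens = float(burst)
        self.last = None

    def allow(self, now):
        if self.last is not None:
            self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


class SignallingPolicer:
    """Admits or drops requests per (source, method); one bucket per pair,
    so one flooding source cannot exhaust the budget of another."""

    def __init__(self, policy=POLICY):
        self.policy = policy
        self.buckets = {}
        self.dropped = defaultdict(int)

    def admit(self, src, method, now):
        if method not in self.policy:
            return True  # e.g. ACK or BYE: not rate limited by this policer
        key = (src, method)
        if key not in self.buckets:
            self.buckets[key] = TokenBucket(*self.policy[method])
        ok = self.buckets[key].allow(now)
        if not ok:
            self.dropped[key] += 1
        return ok


def run_sample():
    """Replay constructed events (timestamp_s, src_ip, method) through the
    policer and return (admitted counts, dropped counts) keyed by (src, method)."""
    events = []
    # 192.0.2.50 sends 20 REGISTERs 40 ms apart: a registration flood.
    events += [(0.04 * i, "192.0.2.50", "REGISTER") for i in range(20)]
    # 192.0.2.7 behaves normally: one REGISTER, then one INVITE.
    events += [(0.3, "192.0.2.7", "REGISTER"), (0.9, "192.0.2.7", "INVITE")]
    events.sort()
    policer = SignallingPolicer()
    admitted = defaultdict(int)
    for ts, src, method in events:
        if policer.admit(src, method, ts):
            admitted[(src, method)] += 1
    return dict(admitted), dict(policer.dropped)


if __name__ == "__main__":
    adm, drp = run_sample()
    print("admitted:", adm)
    print("dropped: ", drp)
```

With these figures the flooding source gets its burst of five through, then only what the 2/s refill allows (one more within the 0.76 s replay), while the well-behaved source is never touched; the budgets are per source, which is what keeps the disruption confined to the offender rather than to everyone behind the same SBC.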
Protect the User Device
User devices are typically incapable of rate limiting and may be overrun by flood attacks, so they are subject to both logic and flood attacks. Again, the user device benefits from the protection afforded by network-based SBCs blocking DoS attacks and invalid SIP messages.
Service Theft
A simple example of service theft is to signal that a voice call is being made but to exchange video data. This hits the service provider on two fronts: a) loss of revenue, because only a voice call is billed, and b) potential degradation in service quality for other users, resulting in dissatisfaction.
The structure of a VoIP call, with separate media and signalling streams, has led to some innovative ploys. One is a rogue PC client that transports media in the RTCP quality-monitoring stream, which is not policed in most networks. Another is to transport media in the call signalling and then fail the call before billing commences. Not only does this give a free call, but repeated call setups can generate huge signalling rates that are a DoS attack in themselves.
The solution is to police all components of the call. SBCs police both the signalling and the media to ensure that the call is executed as requested and that RTCP traffic stays within expected bounds.
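The media policing described above, as an added example (not the article's or any vendor's code): it compares a call's measured RTP rate with the ceiling implied by the audio codec signalled in SDP, and flags RTCP that grows beyond a small share of the media traffic, which catches both the video-as-voice and the media-in-RTCP ploys the article mentions. The codec ceilings, the 10% RTCP allowance (twice the roughly 5% that RFC 3550 recommends) and the per-call byte counts are assumptions constructed for the example.

```python
"""Police a call's media against what its signalling requested.

Added example, not code from the article or any SBC vendor. Two checks the
article motivates: the RTP rate must be consistent with the codec signalled
in the SDP, and RTCP must stay a small fraction of the media traffic rather
than becoming a covert media channel. Bandwidth ceilings, the RTCP slack and
the per-call statistics below are assumptions constructed for the example.
"""

# Assumed on-the-wire ceilings (kbit/s: payload plus RTP/UDP/IP overhead at
# 20 ms packetisation, with headroom) for the audio codecs this policer knows.
AUDIO_CEILING_KBPS = {"PCMU": 90.0, "PCMA": 90.0, "G729": 40.0}
# RFC 3550 sizes RTCP at roughly 5% of session bandwidth; allow double that.
RTCP_MAX_SHARE = 0.10


def police_media_flow(signalled, stats, window_s):
    """Return a list of violations (empty when the flow matches its signalling).

    signalled: {"media": "audio", "codec": "PCMU"} taken from the SDP.
    stats: {"rtp_bytes": n, "rtcp_bytes": n} counted over window_s seconds.
    """
    violations = []
    rtp_kbps = stats["rtp_bytes"] * 8 / 1000 / window_s
    rtcp_kbps = stats["rtcp_bytes"] * 8 / 1000 / window_s
    total_kbps = rtp_kbps + rtcp_kbps
    if signalled["media"] == "audio":
        ceiling = AUDIO_CEILING_KBPS.get(signalled["codec"])
        if ceiling is None:
            violations.append("unknown audio codec " + signalled["codec"])
        elif rtp_kbps > ceiling:
            violations.append(
                f"RTP {rtp_kbps:.0f} kbit/s exceeds audio ceiling {ceiling:.0f} kbit/s")
    # RTCP far above its expected share means the control channel is
    # carrying something other than reception reports.
    if total_kbps > 0 and rtcp_kbps / total_kbps > RTCP_MAX_SHARE:
        violations.append(
            f"RTCP is {100 * rtcp_kbps / total_kbps:.0f}% of media traffic")
    return violations


def run_samples():
    """Apply the policer to three constructed 10-second call windows, all
    signalled as a PCMU (G.711) audio call."""
    window_s = 10
    audio_pcmu = {"media": "audio", "codec": "PCMU"}
    samples = {
        # Ordinary G.711 call: 50 packets/s of 200 bytes, RTCP about 5%.
        "normal_call": {"rtp_bytes": 100_000, "rtcp_bytes": 5_000},
        # Signalled as audio but carrying video-rate traffic (800 kbit/s).
        "video_as_voice": {"rtp_bytes": 1_000_000, "rtcp_bytes": 5_000},
        # Media tunnelled in the RTCP stream instead of RTP.
        "media_in_rtcp": {"rtp_bytes": 100_000, "rtcp_bytes": 400_000},
    }
    return {name: police_media_flow(audio_pcmu, stats, window_s)
            for name, stats in samples.items()}


if __name__ == "__main__":
    for name, violations in run_samples().items():
        print(name, "OK" if not violations else violations)
```

In a deployment these counters come from the SBC's media relay, and a violation would typically lead to the media being dropped or the call torn down and recorded, rather than merely logged; the point of the example is that both ploys are visible from byte counts alone once the signalled media type is kept alongside the flow.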
Conclusion
Security is a vast subject and needs to be ubiquitous in its implementation. Take care of the fundamentals first: test, authenticate, protect, block, limit and police.
• Test network elements against standard IP and SIP test suites to ensure they can survive IP and SIP logic attacks.
• Implement strong authentication: identifying your users protects their identity and their service, and combats disruption.
• Protect the network by compartmentalising it to restrict the range of any disruption.
• Block malicious or inappropriate traffic; do not propagate the problem.
• Limit the rate of traffic to core elements to ensure the survivability of the service.
• Police all aspects of the traffic flowing across the network to prevent fraudulent or inappropriate use.
A secure and dependable service brings benefits to users and provider alike. It builds user confidence, which in turn creates dependable revenue for the service provider, and if the basics are addressed from day one it need not be complex or expensive.