VOIP security: Difference between revisions
Brian Wilson (talk | contribs) |
Brian Wilson (talk | contribs) m →Tools |
||
(3 intermediate revisions by the same user not shown) | |||
Line 3: | Line 3: | ||
Keep your PBX behind a firewall. | Keep your PBX behind a firewall. | ||
Read and follow the advice in the Asterisk source code on best practices. | Regularly review your dial plan and tune and test it. | ||
Read and follow the advice in the Asterisk source code on best practices. | |||
Remove unneeded modules | |||
Limit services running on the PBX server | |||
Use ACLs | |||
Use VPNs between sites | |||
Back up log files | |||
Config files should not be world readable. | |||
== Tools == | == Tools == | ||
Line 9: | Line 23: | ||
http://voipsa.org/Resources/tools.php | http://voipsa.org/Resources/tools.php | ||
http://hackingvoip.com/sec_tools.html | |||
SIPVicious http://sipvicious.org/ | SIPVicious http://sipvicious.org/ | ||
Line 25: | Line 40: | ||
sipsak | sipsak | ||
[[SIPp]] | |||
vomit | vomit | ||
== Books == | == Books and docs == | ||
Hacking VOIP Exposed | Hacking VOIP Exposed | ||
Hacking VOIP, No Starch Press, 2008 | Hacking VOIP, No Starch Press, 2008 | ||
NIST SP800-58 "Secuiryt consideratoins for VOIP Systems" | |||
== Contacts == | == Contacts == |
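Review bot: the NIST SP800-58 line added under "Books and docs" misspells the document title as "Secuiryt consideratoins". It should read "Security considerations for VOIP Systems", so that readers searching for the publication by title can find it.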
Latest revision as of 19:12, 19 June 2016
Best practices
Keep your PBX behind a firewall.
Regularly review your dial plan and tune and test it.
Read and follow the advice in the Asterisk source code on best practices.
Remove unneeded modules
Limit services running on the PBX server
Use ACLs
Use VPNs between sites
Back up log files
Config files should not be world readable.
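One way to check the last item above, as an added example that is not part of the original page or of Asterisk itself. The directory /etc/asterisk and the service account name "asterisk" are assumptions; the function names are made up for illustration.

```shell
#!/bin/sh
# Added example: audit a PBX config directory for permissions that are too open.
# Assumptions: configs live in /etc/asterisk and the PBX runs as user "asterisk";
# pass your own directory and account if they differ.

# Print every file or directory under $1 on which "other" has any
# read, write or execute bit set.
list_world_accessible() {
    find "$1" \( -type f -o -type d \) \
        \( -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Number of entries reported by list_world_accessible.
count_world_accessible() {
    list_world_accessible "$1" | wc -l | tr -d ' '
}

# Print entries under $1 that are NOT owned by account $2 (name or numeric uid).
# Config files holding SIP/IAX secrets should belong to the PBX service account.
list_foreign_owned() {
    find "$1" ! -user "$2" -print
}

# Strip all "other" permissions; owner and group bits are left untouched.
harden_config_dir() {
    chmod -R o-rwx "$1"
}

# Typical use (run as root, review the listing before hardening):
#   list_world_accessible /etc/asterisk
#   list_foreign_owned /etc/asterisk asterisk
#   harden_config_dir /etc/asterisk
```

After hardening, make sure the account the PBX runs as still has owner or group access to the files, or the service will fail to load its configuration.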
Tools
http://voipsa.org/Resources/tools.php
http://hackingvoip.com/sec_tools.html
SIPVicious http://sipvicious.org/
- svmap - scanner
- svwar - identify extensions
- svcrack - exploit weak passwords
- svreport - reporting tool
VOIPPack for Canvas
IaxPingPoker
Wireshark
sipsak
vomit
Books and docs
Hacking VOIP Exposed
Hacking VOIP, No Starch Press, 2008
NIST SP800-58 "Security considerations for VOIP Systems"
Contacts
From Digium sponsored "Asterisk VOIP Security" 2009 webinar
VOIPSA = VOIP Security Alliance http://voipsa.org
Special agent Michael T McAndrews
FBI - Oklahoma City Division
[email protected]
405-290-7770