VOIP security: Difference between revisions
From Wildsong
Jump to navigationJump to search
Brian Wilson (talk | contribs) m →Books |
Brian Wilson (talk | contribs) m →Tools |
||
| Line 9: | Line 9: | ||
http://voipsa.org/Resources/tools.php | http://voipsa.org/Resources/tools.php | ||
http://hackingvoip.com/sec_tools.html | |||
SIPVicious http://sipvicious.org/ | SIPVicious http://sipvicious.org/ | ||
Revision as of 17:50, 30 March 2016
Best practices
Keep your PBX behind a firewall.
Read and follow the advice in the Asterisk source code on best practices.
Tools
http://voipsa.org/Resources/tools.php
http://hackingvoip.com/sec_tools.html
SIPVicious http://sipvicious.org/
- svmap - scanner
- svwar - identify extensions
- svcrack - exploit weak passwords
- svreport - reporting tool
VOIPPack for Canvas
IaxPingPoker
Wireshark
sipsak
sipp
vomit
Books and docs
Hacking VOIP Exposed
Hacking VOIP, No Starch Press, 2008
NIST SP800-58 "Secuiryt consideratoins for VOIP Systems"
Contacts
From Digium sponsored "Asterisk VOIP Security" 2009 webinar
VOIPSA = VOIP Security Alliance http://voipsa.org
Special agent Michael T McAndrews
FBI - Oklahoma City Division
[email protected]
405-290-7770
