VOIP security

From Wildsong
Jump to navigationJump to search

Best practices

Keep your PBX behind a firewall.

Read and follow the advice in the Asterisk source code on best practices.

Vulnerability testing tools

SIPVicious http://sipvicious.org/

  • svmap - scanner
  • svwar - identify extensions
  • svcrack - exploit weak passwords
  • svreport - reporting tool

VOIPPack for Canvas

IaxPingPoker

Wireshark

sipsak

sipp

vomit

Books

Hacking VOIP Exposed

Hacking VOIP, No Starch Press, 2008

Contacts

From Digium sponsored "Asterisk VOIP Security" 2009 webinar

VOIPSA = VOIP Security Alliance http://voipsa.org



Special agent Michael T McAndrews
FBI - Oklahoma City Division
[email protected]
405-290-7770