VOIP security

From Wildsong
Jump to navigationJump to search

Best practices

Keep your PBX behind a firewall.

Read and follow the advice in the Asterisk source code on best practices.

Tools

http://voipsa.org/Resources/tools.php

http://hackingvoip.com/sec_tools.html

SIPVicious http://sipvicious.org/

  • svmap - scanner
  • svwar - identify extensions
  • svcrack - exploit weak passwords
  • svreport - reporting tool

VOIPPack for Canvas

IaxPingPoker

Wireshark

sipsak

sipp

vomit

Books and docs

Hacking VOIP Exposed

Hacking VOIP, No Starch Press, 2008

NIST SP800-58 "Secuiryt consideratoins for VOIP Systems"

Contacts

From Digium sponsored "Asterisk VOIP Security" 2009 webinar

VOIPSA = VOIP Security Alliance http://voipsa.org



Special agent Michael T McAndrews
FBI - Oklahoma City Division
[email protected]
405-290-7770

Retrieved from "https://wiki.wildsong.biz//index.php?title=VOIP_security&oldid=9566"