Bl8ckr0uter wrote: » Anyone have a decent list of security readings for VOIP noobs? I am looking to set up an Asterisk server at home but I also want a decent list of stuff for general knowledge of VOIP and the like.
shodown wrote: » We don't like security, it's someone else's job. Honestly I don't know of too many books that just focus on security for VOIP, I'm sure they are around in basic form. Most vendors have a best practice and in the CCNP voice it's covered in the CIPT2 exam on some basic protection measures. I could point you in some directions if you were more specific, i.e. Toll Fraud, Packet Sniffing, payment card theft and so on.
Bl8ckr0uter wrote: » Lol. I should have been more specific and clear: 1: I want to learn about VOIP. Any good vendor neutral books? A: In addition to learning VOIP, I would like to learn about common attack vectors regarding VOIP, how to test for them and how to fix them. I am a VOIP noob (as well as a general noob).
shednik wrote: » sexion's website may be of some interest - Home
Bl8ckr0uter wrote: » Yea I have read it. He is pretty much a monster (in a good way) lol
sexion8 wrote: » Speak of ye devil... What would you like to know about, anything specific?
Asterisk Intrusion Prevention 101: A Simple Asterisk Based Toll Fraud Prevention Script
Why Fail2Ban Fails 2 Ban: Failed2Ban
Assorted Asterisk butchery I whipped up: http://www.infiltrated.net/scripts/
Phorensix - Asterisk based honeypot incident response: Phorensix VoIP Forensics Tool For Asterisk 1 ≈ Packet Storm
I also wrote a custom IPS slash anti-toll fraud platform for Audiocodes' Session Border controller using expect, perl and shell scripts and am now working on migrating them to my Acme Packet net-nets when I have the time.
Bl8ckr0uter wrote: » Hell, I wouldn't even know what I am looking for so that I could even determine if something is an attack or not.
sexion8 wrote: » You're approaching things the wrong way. What is VoIP? At the end of the day it's all data. Voice converted into data and sent in a client/server configuration. As in email, you have a To, a From and a Subject (SIP message type: OPTION, REGISTER, INVITE, etc.) Logging is pretty much the same as you would see in say /var/log/messages or Windows' Event Log.
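The email analogy in the post above, as an added example that is not part of the thread: a small Python parser that pulls the method, From and To out of SIP requests, then lists hosts that sent REGISTER for several different extensions. The sample messages, the `pbx.example.com` name, the documentation-range addresses and the threshold of 3 are all constructed for illustration.

```python
import re
from collections import defaultdict

COMPACT = {"f": "from", "t": "to", "v": "via"}  # RFC 3261 compact header names

def parse_sip_request(raw):
    """Pull the 'envelope' out of one SIP request: method, From, To, Via host."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    method, _uri, version = lines[0].split(" ", 2)
    if not version.startswith("SIP/"):
        raise ValueError("not a SIP request")  # e.g. a response status line
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        name = name.strip().lower()
        headers.setdefault(COMPACT.get(name, name), value.strip())  # topmost wins

    def user(value):
        m = re.search(r"sips?:([^@;>]+)@", value)
        return m.group(1) if m else None

    via = re.match(r"SIP/2\.0/\w+\s+([^;:\s]+)", headers.get("via", ""))
    return {"method": method, "from": user(headers.get("from", "")),
            "to": user(headers.get("to", "")),
            "via_host": via.group(1) if via else None}

def register_sweeps(messages, threshold=3):
    """Hosts that sent REGISTER for at least `threshold` different extensions."""
    # Via is written by the sender; with a real capture, key on the packet source IP.
    seen = defaultdict(set)
    for raw in messages:
        msg = parse_sip_request(raw)
        if msg["method"] == "REGISTER" and msg["to"]:
            seen[msg["via_host"]].add(msg["to"])
    return {h: sorted(u) for h, u in seen.items() if len(u) >= threshold}

def _sample(method, frm, to, host, names=("From", "To", "Via")):
    """Build one constructed SIP request (not captured traffic)."""
    f, t, v = names
    return (f"{method} sip:pbx.example.com SIP/2.0\r\n"
            f"{v}: SIP/2.0/UDP {host}:5060;branch=z9hG4bK1\r\n"
            f"{f}: <sip:{frm}@pbx.example.com>;tag=1\r\n"
            f"{t}: <sip:{to}@pbx.example.com>\r\n"
            f"CSeq: 1 {method}\r\n\r\n")

SAMPLES = [_sample("REGISTER", "100", "100", "192.0.2.10"),
           _sample("INVITE", "100", "200", "192.0.2.10")]
SAMPLES += [_sample("REGISTER", e, e, "198.51.100.7") for e in ("100", "101", "102")]
SAMPLES.append(_sample("REGISTER", "103", "103", "198.51.100.7", ("f", "t", "v")))

if __name__ == "__main__":
    print(register_sweeps(SAMPLES))
```

One phone registering its own extension stays under the threshold; one host walking through extensions 100 to 103 is what gets reported.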
sexion8 wrote: » Wish I could help on the Google side of things but I work at a Managed Service Provider which does ITSP (Internet Telephony Services Provider (think of a Vonage for Vonage)). So I deal with mainly trunking, session border controllers and managed PBXs (Avaya, CME, Asterisk, Allworx, Panasonic, Mitel, pbxnsip and the list goes on). I come from the systems slash networking slash security arena and have been involved with voip full time alongside security for 5 years straight, dabbling in it for a total of almost 8 years. When I first started it was as foreign as dropping me off in Vietnam. I went the RFC route, the breaking it route, the configuring it route, etc. My first week at the ITSP, I was given no instruction. Instead they handed me a punchblock, some Rhino channel banks, 6 servers and told me it needed to be up in a week for an install. Not understanding enough, I dug in... Dug in, dug in, kicked, shouted, drank coffee and never got it working... It was a joke. The system I was supposed to configure would have never worked as back then, Asterisk had little support for Rhino and Rhino's channel drivers were flaky. I even went as far as starting to re-program my own drivers... So yes it can be intimidating because when I GOT involved, my approach was flawed. I was thinking VoIP when at the end of the day, it's still nothing more than data.