I just spotted this and I thought it was most definitely worth a look.

Here's the basic info:

Product Description
Voice over Internet Protocol (VoIP) networks have freed users from the tyranny of big telecom, allowing people to make phone calls over the Internet at very low or no cost. But while VoIP is easy and cheap, it's notoriously lacking in security. With minimal effort, hackers can eavesdrop on conversations, disrupt phone calls, change caller IDs, insert unwanted audio into existing phone calls, and access sensitive information.

Hacking VoIP takes a dual approach to VoIP security, explaining its many security holes to hackers and administrators. If you're serious about security, and you either use or administer VoIP, you should know where VoIP's biggest weaknesses lie and how to shore up your security. And if your intellectual curiosity is leading you to explore the boundaries of VoIP, Hacking VoIP is your map and guidebook.

Hacking VoIP will introduce you to every aspect of VoIP security, both in home and enterprise implementations. You'll learn about popular security assessment tools, the inherent vulnerabilities of common hardware and software packages, and how to:

* Identify and defend against VoIP security attacks such as eavesdropping, audio injection, caller ID spoofing, and VoIP phishing
* Audit VoIP network security
* Assess the security of enterprise-level VoIP networks such as Cisco, Avaya, and Asterisk, and home VoIP solutions like Yahoo! and Vonage
* Use common VoIP protocols like H.323, SIP, and RTP as well as unique protocols like IAX
* Identify the many vulnerabilities in any VoIP network

Whether you're setting up and defending your VoIP network against attacks or just having sick fun testing the limits of VoIP networks, Hacking VoIP is your go-to source for every aspect of VoIP security and defense.

About the Author
Himanshu Dwivedi is a leading security expert and researcher. He has published four books, Hacking Exposed: Web 2.0 (McGraw-Hill), Securing Storage (Addison Wesley), Hacker's Challenge 3 (McGraw-Hill), and Implementing SSH (Wiley). A founder of iSEC Partners, Himanshu manages iSEC's product development and engineering, specialized security solutions, and the creation of security testing tools for customers.

Technorati Tags: VoIP, VoIP security, VoIPSec

Posted by Ken Camp | Permalink | Comments (0) |

Here's a great post from my good friend Dan York over on the VOIPSA blog. Dan chairs the VOIPSA Best Practices group and is highly renowned as one of the leading practitioners in VOIP security. If you haven't heard him speak in person, do watch for him at one of the conferences you're attending. He's among the best presenters you'll ever watch.

Technorati Tags: VoIP, VoIP security, InfoSec, Dan Yoirk, VOIPSA

Posted by Ken Camp | Permalink | Comments (0) |

Next week is Global Security Week, and it's important enough that we need to pay attention and acknowledge the importance of security here too. Global Security Week runds from September 8th to 11th. This year's theme is

Find out about GSW events here. Download free briefings, posters and other security awareness materials from their freebies page. Keep up with news via the GSW blog. Read ther FAQ for tips on organizing security awareness activities.

And while you're reading, pop over to the Realtime IT Compliance Community and read Easy Things To Do for Global Security Week, September 8 - 12

Posted by Ken Camp | Permalink | Comments (0) |

In the many blogs I read, one that I always stop at is the Nortel Voice Security blog. This morning there's a great post bu Tom SeSot from Digital Defense. Tom joins from time to time as a guest writer. Here's a snip -

Voice Security: Getting from here to there
The Argument Begins
In my last post I talked primarily about how many organizations are looking to utilize vulnerability assessments to learn what issues are being introduced into their enterprise by newer IP based voice systems. Before I went any further in the discussion, I wanted to cover off on a topic many organizations neglect to consider before assessing their networks, whether voice or data. The topic is risk evaluation and system prioritization.

While I do not think any reader would dispute the need to conduct vulnerability assessments and subsequently patch any systems where issues are discovered, many would debate what systems take priority in the grand scheme of things. I have seen plenty of discussions regarding system priority turn into outright melees as each person jumps into the fray with their rationale for why a particular system or group of systems falls higher on the importance scale than something else. This is especially true when you mix voice and data folk. Who is right? Who is to say?
[Read the full post]

Security, in the network, and in our voice services is a topic we covered a lot here in the past, but haven't talked about in great detail lately. Tom's article is a great reinforcement of the basic precepts for all network security.

• Confidentiality
• Integrity
• Availability

Without these basics as the cornerstone of our security mindset, all the nuance and dabbling we might do with settings and gadgets is for naught. We absolutely most approach all our network services with the idea that these three requirements are as important to sustaining a business service network as connectivity.

Posted by Ken Camp | Permalink | Comments (2) |

One of the people I connected with in the course of my security work is Dan Kaminsky. Dan's a widely respected security researcher and I was really pleased when he joined IOActive as Director of Penetration Testing. Josh Pennell and the IOActive team are friends and some of the sharpest security minds in the business.

While DNS problems might not sound like they fit in the world of unified communications. Dan's latest find is a big enough issue that I think it's wroth sharing here.

My colleague Dan Sullivan describes it here on the Realtime Messaging and Web Security Community.

DNS Cache Poisoning Code Now Publicly Available

As predicted it didn't take long for exploit code to become available to the DNS vulnerability found by Dan Kaminsky.

Ryan Naraine and Nathan McFeters has details and analysis here with updates here.

The code is available for Metasploit making it readily available to anyone with the open source tool. It's hard to imagine anyone who hasn't patched not dropping everything else this morning to get this patched.

If you haven't already patched your DNS, go do so now.

Technorati Tags: attack code, Dan Kaminsky, DNS poisoning, DNS vulnerability, Metasploit, patching

Posted by Ken Camp | Permalink | Comments (0) |

Here's a news release I got from my friends over at Koolspan. Word is that KoolSpan will be using the financing to fulfill global demand for its flagship TrustChip-based solutions, including TrustChip Voice, one of the most innovative products on the market for secure cellular/mobile to mobile communications. I'm in the process of setting up a phone chat with Tony Fascenda, Koolspan's CEO to get the full story.

Congrats to Tony and the Koolspan team.

KOOLSPAN, DEVELOPER OF TRUSTCHIP, RAISES $7.1 MILLION

Equity financing from Security Growth Partners, TWJ Capital, Rose Tech Ventures and New York Angels to fund global roll-out of micro SD security solution.

Bethesda, Md., April 8, 2008– KoolSpan, Inc. today announced it has closed a $7.1 million equity financing led by New York-based Security Growth Partners, together with TWJ Capital, Rose Tech Ventures, and members of New York Angels. KoolSpan's TrustChip™ crypto engine is a self-contained authentication, encryption and key management platform. Proceeds of the financing will be used to fulfill global demand for TrustChip-based solutions including TrustChip Voice, which creates instant AES-encrypted links among offthe- shelf mobile phones.

“The KoolSpan TrustChip platform is designed for the rapidly growing mobile-to-mobile and machine-to-machine markets,” said KoolSpan CEO Tony Fascenda. “With each non-PC device that becomes network-connected, the need for a self-contained, highly-scalable security solution grows. TrustChip meets this need, whether plugged into an enterprise smart phone, embedded into critical infrastructure monitoring equipment or incorporated into industrial assembly equipment.”

While a hardened crypto processor, TrustChips are designed to make use of industry standard SD
memory slots (micro, mini and full size) available on cell phones, computers and other devices. KoolSpan TrustChips feature a streamlined device-to-device architecture, providing their host devices strong mutual authentication, fully-encrypted network connectivity, as well as secure storage.

“Cell phones were originally designed for portability and ease-of-use, not security,” said Security
Growth Partners CEO Elad Yoran. “However, today we use cell phones not only to make phone calls, but
also like laptop computers. The trouble is that neither the voice side nor the data side of cell phones is secure.

KoolSpan’s TrustChip engine solves this critical business problem simply and cost effectively. It also
provides a platform upon which third-party developers, OEMs and enterprise customers can deploy
applications that run securely on the large number of cell phones that are TrustChip compatible.”

KoolSpan technology has been rigorously tested and reviewed by top security research organizations
in the United States government, as well as many industry trade publications. KoolSpan is an Information

Security Magazine/TechTarget Readers Choice Award winner for Best Emerging Technology, a category
winner of the 2007 SC Award for Best Multi-Factor Authentication technology, and was featured by the
editors of Network World as one of the Top Ten "Security Companies to Watch.” KoolSpan’s TrustChip
platform and TrustChip Voice are currently being evaluated by more than two dozen global corporations and government organizations.

About KoolSpan:
Based in Bethesda, Md., KoolSpan is an innovator of secure connectivity solutions that seamlessly unite mission-critical network devices. From smartphones to servers, KoolSpan's TrustChip™ crypto engine creates secure and trusted connections between any two points independent of network boundaries. www.koolspan.com.

About Security Growth Partners LLC:
Security Growth Partners (SGP) identifies, invests in and supports companies that provide key emerging security solutions. SGP serves a large and diverse industry including, among others, information technology (IT) security, Critical Infrastructure Protection (CIP), homeland security and their related markets. www.SecurityGrowth.com.

About TWJ Capital:
TWJ Capital makes growth equity investments in expansion stage companies which need "acceleration capital" to achieve growth inflection, and venture capital investments in start-up and early stage companies. Portfolio concentrations include retail, telecommunications software, acoustical electronics
and devices, and Internet business-to-business services. www.twjcapital.com.

About Rose Tech Ventures
Rose Tech Ventures, based in New York, is an early stage investment fund, incubator, and support infrastructure dedicated to finding, nurturing and launching the next generation of world class ventures. www.rose.vc.

About New York Angels:
New York Angels is the leading business angel investment consortium in the Greater New York region. Since 1997, the 70 members of the group and its predecessor organization have invested over $40 million in more than 75 new ventures. The members of New York Angels are entrepreneurs, CEO's, venture capitalists and business leaders who themselves have founded, funded and built world-class companies. www.newyorkangels.com
###

Technorati Tags: Koolspan, Tony Fascenda, Security Growth Partners, TWJ Capital, Rose Tech Ventures, New York Angels, security, InfoSec

Posted by Ken Camp | Permalink | Comments (0) |

I saw a fascinating post from Dan Morrill over on the ITtoolbocxBlogs yesterday. I tagged it then, but am only jsut now getting to post some thoughts.

Dan talks about an interesting new attack vector on our security. Because I talk a lot about Software as a Service (SaaS), Software Oriented Architecture (SOA) and Communications Enhanced Business Process (CEBP), this post in particular seems worth a mention because it does raise a new threat vector for us all to think about.

It's important when we converge network services with enterprise business applications that we take methodical approaches and adhere closely to industry best practices and standards so that we don't open up unintentional gaps in our enterprise security. The last thing we need is malware running as a service in an enterprise network.

Nice writeup and a worthwhile subject for discussion.

Malware as a Service

Dan Morrill (Security Project Manager) Posted 2/27/2008

Interesting new research was released today on Malware as a Service, with credentials stolen, and researchers cracking malware. Security Company Finjan reports the first indication that the theft of FTP credentials was caused by hackers installing code at the Software as a Service (SaaS) level.

What’s notable about this development is that hackers are using a software as a service (SaaS) model to deliver applications that are designed to abuse and trade FTP accounts. According to Finjan, this database may be the first use of SaaS for something other than legitimate means. Maybe we could call it HaaS: Hacking as a service. Source: ZDNe

[Read Dan's Full Post]

Technorati Tags: Malware as a Service, SOA< Saas, CEBP, InfoSec

Posted by Ken Camp | Permalink | Comments (0) |

Last week I had the chance to talk with Luc Roy at Siemens again. Luc leads a lot of the mobility efforts going on at Siemens and he's always got something interesting in the works. We talked about the latest announcement from Siemens that's hitting the wires everywhere today. The press release itself is down at the end of this post.

As the workforce becomes more mobile, workers need to be able to communicate with the same kind of effectivenetss no matter where they are: in meetings, shared workspaces, in the board-room, on the factory floor, or anywhere in between. Enterprise mobility means a lot more than just working without being wired to the network. It really means seamless connectivity from anywhere on the enterprise premises. It means unified voice, video, and data communications that follow workers, and not the other way around. This new Siemens HiPath Wireless looks to deliver on the promise of enterprise mobility.

Here's some info from one of the product documents they provided:

HiPath Wireless Engineered Mobility – Taking care of business

It starts with open, pervasive wireless connectivity
The key to advanced enterprise mobility is extending wireless network coverage wherever the workforce goes: indoors, outdoors, on the factory floor, and even beyond the boundaries of the enterprise. This wireless network absolutely must deliver high performance while being secure, manageable, reliable, and scalable in all of these places. HiPath Wireless delivers on all of these counts with award-winning security and management capabilities, as well as a suite of robust, high-performance platforms designed for companies of all sizes, and capable of delivering coverage in practically any location – even where wires can’t go.

The most complete WLAN and FMC portfolio
Siemens’ Enterprise-wide Foundation for Mobility suite of products and services offers all of the elements needed to deliver well-integrated end-to-end enterprise mobility. Siemens’ family of award-winning SIP-based IP communications platforms and a full range of IP phones provide a firm base for unified communications that HiPath Wireless can stretch across the entire enterprise. HiPath MobileConnect can then extend this enterprise mobility foundation out beyond the doors of the enterprise and into the public network, enabling seamless communication and collaboration virtually anywhere.World class service offerings provide the expertise needed to effectively bring all these pieces together.

The industry’s best VoWLAN performance and call quality
HiPath Wireless is unrivalled when it comes to delivering enterprise-grade voice over WLAN (VoWLAN). HiPath Wireless’ unique Distributed Packet Processing architecture optimizes traffic flow as well as advanced encryption and QoS functions to provide a high-performance backbone for voice, video, and data. Siemens is committed to maintaining leadership by supporting the latest QoS, roaming, and call admission control features and standards.

Multiple mobile solutions on a single WLAN infrastructure
No other WLAN solution is able to match HiPath Wireless when it comes to running a number of optimized mobility solutions on the same WLAN infrastructure. Siemens’ powerful VNS segmentation mechanism makes it easy to deploy new solutions on the existing WLAN infrastructure – each with optimal security, QoS, and network access settings – without having to re-configure the entire network. In conjunction with Siemens’ Distributed Packet Processing architecture, it is possible to optimize traffic flow on a per-solution basis, ensuring the optimal performance for each application.

Open Services Framework
Siemens has worked with mobile application and device partners from around the world to deliver certified solutions designed to meet your company’s mobility needs. The HiPath Ready designation ensures that customers are getting proven solutions, and a suite of open APIs ensures that further integration with the HiPath Wireless portfolio is fast and easy.

Siemens unmatched expertise
Siemens has established a reputation as a leading supplier of business solutions across a broad range of industries. Nobody else can deliver all the expertise needed to integrate applications and processes into efficient, high-value mobile business process solutions. This wide-ranging expertise forms the basis of Siemens’ innovative wireless communication solutions for businesses of every size and in a variety of sectors.

From Siemens – it’s open of course!
Siemens commitment to Open Communications ensures that enterprises can build their own OpenPath to FMC. No matter what stage your company is at or how ambitious your mobility strategy is, Siemens can help today while laying the foundation for the future.

That's a lot of promise, but in my experience watching Siemens closely for the past couple of years, they always deliver what they promise.



As Luc described to me, there are three really key areas Siemens initially saw this sort of offering focused on. The conferencing industry, which includes education facilities, healthcare and manufacturing. These enterprises all ahve a driving need for solid solutions that solve the POE problem with 802.11n. Siemens does that. After we talked, I understood how easy to manage the solution this new HiPath Wireless is, and how other network elements won't require forklift upgrading. In short, it integrates into the existing environment very easily. Luc and I talked about how this really provides a strong 802.11n WiFi solution for medium businesses across all sectors too.

Here's the big news in a quick nutshell. It's all about power.


Here's what Siemens is doing:


There's a reason I think this solution is a hot lead for the medium business market. Here's what I saw that really excited me -



WIPS security, the idea of wireless intrusion prevention and detection solutions is still a daunting challenge to many organizations. In particular, mid-sized companies who don't have the technical resources to focus on speciality areas of network security technologies tend to find themselves stymied with this sort of solution. Seimens bundling WIPS functionality right in the devices makes this solution a real no brainer.

Siemens Solves Power over Ethernet Challenge for 802.11n Deployments

Architecture and power consumption innovations drive down costs and complexity of 802.11n deployments

As more enterprises embrace mobility, they are faced with an increasing need for cost-effective, higher-performance wireless LANs (WLANs). While 802.11n delivers the higher speed and improved range they want, the cost and complexity of enabling an existing network to handle 802.11n has held many enterprises back. The new HiPath® Wireless 802.11n solution from Siemens Enterprise Communications is the first 802.11n solution to offer innovative architecture and power consumption capabilities to make the migration to fully functional, faster, more reliable 802.11n networks easier and more cost-effective. This secure wireless solution is a key part of Siemens’ open communications portfolio.

802.11n offers substantial benefits over previous wireless standards, with speeds up to five times faster than traditional WLANs, greater range and improved reliability to support high-performance mobile applications, such as HD video, high-resolution imaging and voice over wireless LAN (VoWLAN). However, with these benefits has come the considerable challenge of integrating the access points into an existing network, since additional power is required for dual-band 3x3 radios (those functioning in both the 2.4 and 5GHz bands) to work at optimum performance levels.

HiPath Wireless is the first solution to provide full dual-band 3x3 MIMO and 802.11n functionality that complies with the 802.3af Power-over Ethernet (PoE) standard, so enterprises can enjoy the highest performance without additional costs. Most enterprise WLANs rely on 802.3af switches, but the six radios used by 802.11n access points tend to draw more power than these switches can provide over a single connection. Some existing 802.11n solutions use a reduced number of radios or frequency bands, or force customers to simultaneously upgrade to higher-wattage, proprietary non-standard PoE switching infrastructure, resulting in significantly reduced performance and more complex and costly deployments.

“Enterprises are excited about 802.11n and the potential for new, high-performance wireless applications. But so far they have been hesitant to embrace the new technology out of concern that it will require significant changes to their existing network,” said Paul DeBeasi, senior analyst for Burton Group. “Siemens’ dual-band, 3x3 MIMO Access Points enable enterprises to deploy an 802.11n network using their existing 802.3af-compliant infrastructure.”

Siemens 802.11n solution enables enterprises to realize the full benefits of 802.11n, without costly upgrades to the backbone network and wireless controller infrastructure, thanks to its unique VNS (Virtual Network Services) architecture. The VNS architecture provides performance optimisation for high-bandwidth applications by intelligently routing network traffic between the edge of the network and the core, depending on the application and available network capacities, to maximise the bandwidth that can be achieved on the network. This architecture was designed to achieve optimal high-bandwidth performance without requiring upgrades to the existing wired network controllers, making it easier and more cost-effective to deploy and integrate the solution across the enterprise. Competitive solutions that require all traffic to be forwarded to the central WLAN controller lead to the potential for significant bottlenecks due to the substantially higher bandwidth of 802.11n. Many vendors require costly upgrades to the wired backbone and new wireless controllers to fully implement 802.11n.

Georgia World Congress Center (GWCC), one of the world’s leading convention, sports and entertainment venues, deployed the previous version of Siemens’ HiPath Wireless solution in December 2005 in response to increasing demand from venue users for wireless connectivity. With a campus that includes a 3.9 million square foot conference centre, the Georgia Dome stadium and the 21-acre Centennial Olympic Park, GWCC enjoyed the flexibility and ease of use offered by the Siemens system. They are preparing to begin field trials of the new 802.11n HiPath Wireless solution in January 2008, to take advantage of the increased speed, range and reliability of 802.11n.

“We’ve been very pleased with the functionality and stability of our existing Siemens HiPath Wireless solution, and we’re excited about the potential that 802.11n offers for improved performance and range,” said Sam Brown, Director of IT Services for the centre. “The fact that Siemens’ 802.11n portfolio does not require us to upgrade our switching infrastructure or our WLAN controllers ensures that we can seamlessly integrate 802.11n into our network with minimal cost and effort. Continuing to be a leader in technology in the convention industry is important to us. When we can increase speed, range and reliability of our wireless system, we know it’ll be great for our customers.”

Siemens’ 802.11n solution includes two new 802.11n HiPath Wireless Access Points, AP3610 (internal antenna) and AP3620 (external antenna), a new version of HiPath Wireless Convergence Software (V5 R1) that enables controllers to recognise and manage 802.11n access points, and a new version of HiPath Wireless Manager HiGuard that delivers advanced management and WIPS security for 802.11n-enabled networks, another key advancement from Siemens.

“In support of the mobile enterprise, Siemens now has a HiPath Wireless offering for new and existing customers looking to benefit from the considerable speed and reliability benefits provided by 802.11n technology,” said Luc Roy, vice president of Enterprise Mobility for Siemens. “The unique architecture and capabilities that we have designed into HiPath Wireless can give any enterprise the confidence that they can easily and cost-effectively deploy a high-performance wireless network, while taking care of ever increasing mobile business.”

Pricing and Availability
Siemens’ HiPath Wireless solution will begin shipping in March 2008. The new HiPath Wireless Access Points will sell for €960 ($1,300). Upgrades to the HiPath Wireless Convergence Software will start at €280 ($349) and HiPath Wireless Manager HiGuard upgrades are available free of charge.

About Siemens Enterprise Communications:
Siemens Enterprise Communications is one of the world’s leading vendors of Open Communications solutions for enterprises of all sizes, enabling business processes to be more productive, faster and more secure – with any device, network or information technology infrastructure. The company is a wholly owned subsidiary of Siemens AG with 15,000 employees globally and headquarters in Munich.

Note: Siemens and HiPath are registered trademarks of Siemens AG or its subsidiaries and affiliates. All other company, brand, product and service names are trademarks or registered trademarks of their respective holders.

This release contains forward-looking statements based on beliefs of Siemens management. The words "anticipate," "believe," "estimate," "forecast," "expect," "intend," "plan," "should," and "project" are used to identify forward-looking statements. Such statements reflect the company's current views with respect to future events and are subject to risks and uncertainties. Many factors could cause the actual results to be materially different, including, among others, changes in general economic and business conditions, changes in currency exchange rates and interest rates, introduction of competing products, lack of acceptance of new products or services and changes in business strategy. Actual results may vary materially from those projected here. Siemens does not intend or assume any obligation to update these forward-looking statements.

###

Technorati Tags: Siemens, enterprise mobility, WiFI, 802.11n, WIPS, unified communications

Posted by Ken Camp | Permalink | Comments (0) |

Astaro has been showing up on my radar screen a lot lately. They're working on several different areas of interest for me. This release about a new R&D center in Poland caught my eye for a couple different reasons.

First, I'm seeing a rise in R&D and labs being openly used by companies as a tool to display their capabilities. I think we went through a period where focused R&D and finely directed lab research just wasn't as important to some companies. I think that's changing across the whole landscape (but not for all companies).

The other thing that caught my eye was the R&D going into Poland. While we don't always think of Poland as a high-tech center, it really is an area of the world where technology plays a very strong role. I think I crossed paths with Vassilovski some time back working on a project between Lucent-Alcatel and Verizon, but can't truly remember. But some quick research leads me to believe we're going to see some strong initiatives from this new Astaro R&D facility.

Astaro To Focus on Centralized Security Management at New R&D Center in Poland

Burlington, MA - January 18, 2008 – Astaro Corporation (www.astaro.com), a leader in delivering unified threat management (UTM) security appliances, today announced it has opened a new Research & Development center in Bydgoszcz, Poland. The new R&D center is designed to escalate Astaro’s technology into new frontiers of network security approaches and modes of delivery, including next-generation malware detection and blocking, email discovery and messaging, security management and other anti-threat applications. Astaro is also preparing for the release of a new product line in 2008.

The main objective for the R&D center is to drive the development of Astaro’s centralized management product, Astaro Command Center (ACC). Currently staffed by five engineers, plans are already underway to hire additional developers over the next few months to grow the team.

Operations will be managed by Pavel Vassilovski, a former computer scientist with 12 years of experience working for Alcatel-Lucent, where he focused on projects that centered on telecommunications domains such as switching, messaging and network management. While at Alcatel-Lucent, Vassilovski was responsible for the development and deployment of real-time traffic management systems and OSS/BSS services to large telco providers including Vodafone and Verizon.

“We are pleased to be opening a large R&D center in the heart of Poland, where a lot of undiscovered and willing IT talent resides,” said Jan Hichert, Astaro co-founder and CEO. “The new development center will give Astaro the ability to take our product plans from conception to the market place with increased speed and a higher level of quality. We are anxiously awaiting the latest release of ACC which will increase the functionality and visibility of centralized management and network protection.”

About Astaro
Astaro Corporation is headquartered in Burlington, Mass. and Karlsruhe, Germany. The Astaro Security Gateway, simplifying Email, Web & Network Security, has won numerous industry awards and is protecting over 30,000 networks in 60 countries. Astaro products are distributed by a worldwide network of nearly 2,500 solution partners who offer local support and services. For more information, please visit www.astaro.com .

Technorati Tags: Astaro, centralizez security management, InfoSec, VoIP security, R&D, Poland, Pavel Vassilovski

Posted by Ken Camp | Permalink | Comments (0) |

I had a chance to talk a while ago with Sachin Joglekar, Sipera's head of VIPER Research about what they saw as the top five issues in 2007. We also chatted about the trends ahead. If you aren't watching the updates coming out of Sipera, I encourage you to take a look at http://www.sipera.com/viper.

SIPERA VIPER LAB REVEALS TOP 5 VOIP THREAT PREDICTIONS FOR 2008

Denial of Service, Eavesdropping, Microsoft OCS Vulnerabilities, Spoofing IDs, and Vishing Exploits Will Affect Enterprises and Service Providers

Richardson, TX, January 16, 2008 – Sipera VIPER™ Lab, operated by Sipera Systems, the leader in comprehensive VoIP/UC security solutions, today revealed its Top 5 VoIP Threat Predictions for 2008. As with its “Top 5 VoIP Vulnerabilities in 2007” list, the Sipera VIPER team leveraged its own extensive research and examined reports to determine the VoIP/UC threats with the greatest potential impact in 2008.

Based on industry trends that include major IP telephony vendors offering SIP solutions, enterprises deploying VoIP and unified communications (UC) beyond the traditionally secure perimeter, and service providers aggressively embracing fixed mobile convergence (FMC), Sipera VIPER Lab’s Top 5 VoIP Threat Predictions for 2008 are:

1. First and foremost, as enterprises deploy SIP Trunks and UC for the mobile workspace, denial of service (DoS) and distributed DoS attacks on VoIP networks will become an increasingly important issue.
2. HTTP or other third party data services running on VoIP end-points will be exploited for eavesdropping and other attacks.
3. The hacking community, experienced with exploiting the vulnerabilities in other Microsoft offerings, will turn its attention and tools towards Microsoft OCS – taking advantage of its UC connections to public IMs, email addresses and buddy lists to create botnets and launch attacks. As well, enterprise federation for OCS, a major productivity and business process enabler, will be a source of greater VoIP security risk since it exposes once closed networks to the risks found in other federations.
4. Hackers will set up more IP PBXs for vishing/phishing exploits. Vishing bank accounts will accelerate, due to ease of exploit and the appeal of “easy money.”
5. VoIP attacks against service providers will escalate, using readily available, anonymous $20 SIM cards. With UMA becoming more widely deployed, service providers are, for the first time, allowing subscribers to have direct access to mobile core networks over IP, making it easier to spoof identities and use illegal accounts to launch a variety of attacks.

“The openness and extensibility of SIP make it an attractive choice for enterprises and service providers to realize the promise of unified communications. Unfortunately, those very attributes make it attractive to the hacking community and increase the overall security risk,” said Krishna Kurapati, Sipera founder/CTO and head of Sipera VIPER Lab. “To fully realize the potential of unified communications, organizations need to implement up-to-date security best practices, and proactive UC security and system monitoring. Complementing those efforts, Sipera VIPER Lab will continue to issue threat advisories and provide consulting services to customers, partners and the general public to ensure unmatched unified communications security.”

Sipera VIPER Lab is comprised of experienced VoIP/UC security researchers operating globally 24/7/365. Since its inception in 2003, Sipera VIPER Lab has identified thousands of vulnerabilities and security threats which include fuzzing, floods and distributed floods, spoofing, stealth attacks and spam. VIPER Lab research is used to continuously improve the Sipera IPCS products that protect, control and enable real-time unified communications for enterprises and service providers. For Sipera VIPER Lab blog, Threat Advisories and RSS feeds, please visit http://www.sipera.com/viper.

About Sipera Systems
Sipera Systems provides enterprises and service providers with comprehensive VoIP/UC security solutions that protect, control and enable real-time unified communications. The Sipera IPCS™ products combine VPN, Firewall/SBC, Intrusion Prevention, Anti-Spam, Compliance and Troubleshooting functionality for VoIP systems in a single device. This securely enables IP PBXs, VoIP remote users, SIP trunks, data/voice VLANs, hosted VoIP services and IMS or UMA-based networks. Comprised of top vulnerability research experts, the Sipera VIPER™ Lab concentrates its efforts towards identifying VoIP vulnerabilities, while Sipera LAVA™ tools verify networks’ readiness to resist attacks. Founded in 2003, and backed by Austin Ventures, DTEC, Sequoia Capital and Star Ventures, Sipera is headquartered in Richardson, TX. Visit http://www.sipera.com.

Technorati Tags: Sipera, VIPER Labs, VoIP, vulnerabilites

Posted by Ken Camp | Permalink | Comments (0) |