RSA Raises Brief Thoughts on VoIP Security
Since we've shifted to Typepad for blogging, I'm minimizing just linking to news stories here in the blog. Sometimes, especially when there's lots of news or just a lot of activity, I will just point to another story or post somewhere. My schedule precluded my making it to RSA this year, but I'm following the event as closely as I can. Tim Green's story caught my eye.
RSA: Network security is the key to keeping VoIP secureI'm going to re-emphasize some VoIP security basic points that Tim mentions without a lot of elaboration or discussion right now. They're just so important that can't be overlooked.
News Story by Tim Greene
FEBRUARY 15, 2006(NETWORK WORLD) - Despite warnings that VoIP is vulnerable to a new breed of attacks, the biggest threat to it remains weaknesses in general network security, according to a vendor presentation at the RSA Security Conference 2006.
Experts are aware of possible attacks that could be made against VoIP protocols, but worms, viruses and other exploits that take down servers or congest networks in general are the exploits that hurt VoIP in practice, said David Endler, chairman of the VoIP Security Alliance (VoIPSA) and director of security research for 3Com Corp.'s TippingPoint division.
Patch systems regularly against known threats.
Change default passwords everything.
Following vendors' check lists for securing systems at the time of installation.
Use intrusion detection and prevention systems.
Use VoIP aware firewalls to protect VoIP network infrastructure.
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine