The VOIP Provider Guide

It’s not something that anyone necessarily wants to talk about, but with the growth of VoIP technology and the takeover of many telecommunications features by IP based services, the risk of security breaches and hacking grows as well. Traditionally, telephones have had issues with tapping and listening in, but it was done on a much lower level, utilizing the outdated technology that current phone systems still use.

With the advent of digital phone service, telecommunications becomes just as at risk as any other aspect of digital security. Eavesdropping, service interruptions and stolen calls are all possible risks of VoIP service. There are however methods to protect against each of these risks.

Denial of Service
Denial of Service is as simple with VoIP networks as it is with existing data networks. The most traditionally method used by hackers to take down a data network is simply to overload it with too many packets, forcing the network to crash and shutdown in response. This method does not always work as some networks have safeguards against it, but it will often cause lower performance rates regardless. 

Flooding
Another method to take down a VoIP network is to send SIP packets, those that are designed to open a new call connection, in mass quantity from a fake IP address. The system will eventually overload and fill up with the fake requests, making it impossible to take actual call requests.

Because the fake IP address doesn’t actually exist, it cannot return the packet that starts the phone call and the process never completes, leaving those SIP packets to sit until they expire. There are ways to keep this kind of attack from happening though. Programs and guides exist that describe exactly how you go about changing your queue size and how long it takes for a request to time out. You can also install firewalls designed to block such packets from unknown or stagnant IP addresses. The firewall itself must be capable of recognizing and scanning SIP messages.

Terminating Calls
A hacker can use the same techniques described above to actually terminate a call you’re in the middle of whenever they want. By inserting specific messages that tell the VoIP protocols to end the call or hangup, they can stop the call at any point. There are programs, such as SIP-Kill that will actively do this for a hacker without them actually needing to understand how the process works.

For that reason, it’s easy for them to attack your calls. However, it’s also easy to protect against it by using an encryption program or service to keep the protocols from view. The right software will check and authenticate all packets before they are allowed, keeping simple attacks to a minimum.

Stealing a Phone Call
This is a problem that people are likely more worried about than anything else. Instead of eavesdropping, a hacker can actually steal a phone call entirely from a VoIP user. In the registrar database where the IP addresses are kept for incoming and outgoing phone calls, a hacker can easily take a look and change the address to gain access to either end of these calls. They simply reroute where the call signal is being sent and voila, they’ve stolen your phone call.

There are numerous methods of encryption that keep this type of attack from happening. Simple SIP encryption goes a long way to ward off simple hacking programs, but for businesses and the like out there, a more complicated security feature such as Transport Layer Security will go a long ways toward keeping your packets safe.

What These Risks Actually Mean
Obviously these problems are going to be few and far between for most standard end users. If you are a regular user in the suburbs of

This entry was posted on Sunday, July 29th, 2007 at 8:09 pm and is filed under VOIP Advice. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.