What is VoIP?
VoIP (Voice over IP) is a technology that converts an analog voice signal into a digital signal and transmits it over the internet.
Examples of VoIP include Facebook voice chat, Facebook video chat, Skype, and the WhatsApp calling feature.
How does VoIP work?
VoIP uses IP phones or a computer for communication. IP phones are connected to a LAN, and calls can be made over the wide-area IP network.
IP phones have codecs that convert sound into digital form and encode and decode the speech. The IP phones also split the encoded speech into IP packets.
What are the security risks for VoIP?
• A call can be redirected to a different user. This is called call hijacking.
• An attacker can send a large number of messages to a single VoIP endpoint to perform a DoS (denial-of-service) attack.
• An attacker can perform a “VoIP spam” attack by broadcasting messages in bulk to users.
• There is a risk of “session anomalies”. In this case, messages arrive out of order, which makes them difficult for a server to handle.
• An attacker can exploit weak password policies and buffer overflow vulnerabilities.
• Any type of attack on IP infrastructure can also compromise VoIP communications.
• There is a risk of “audio spam”.
• “ID spoofing” can be done by presenting another user's identity.
• An attacker can intercept the call (MITM attack).
• There is a threat from viruses and malware.
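The “session anomalies” and DoS risks listed above can be checked for in captured SIP signalling. The following Python example is added here and is not from the original article: it flags ACK or BYE requests whose Call-ID never saw an INVITE, and INVITE bursts aimed at a single target. The sample messages, the example.test addresses, and the threshold of 20 INVITEs per second are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
REQUEST = re.compile(r"^([A-Z]+) (\S+) SIP/2\.0$")

def _msg(start, call_id, cseq):  # builds a minimal SIP message for the sample below
    return f"{start}\r\nCall-ID: {call_id}\r\nCSeq: {cseq}\r\n\r\n"

# Constructed capture (not real traffic): (seconds, raw SIP message); hosts are placeholders.
SAMPLE = [
    (0.0, _msg("INVITE sip:bob@example.test SIP/2.0", "a1", "1 INVITE")),
    (0.1, _msg("SIP/2.0 200 OK", "a1", "1 INVITE")),
    (0.2, _msg("ACK sip:bob@example.test SIP/2.0", "a1", "1 ACK")),
    (5.0, _msg("BYE sip:bob@example.test SIP/2.0", "a1", "2 BYE")),
    (6.0, _msg("BYE sip:bob@example.test SIP/2.0", "zz", "1 BYE")),    # no INVITE seen
    (7.0, _msg("ACK sip:carol@example.test SIP/2.0", "c9", "1 ACK")),  # no INVITE seen
] + [(10.0 + i * 0.01, _msg("INVITE sip:dave@example.test SIP/2.0", f"f{i}", "1 INVITE"))
     for i in range(30)]                                                # burst to one endpoint

def parse(raw):
    """Return (method, target, call_id); method is None for responses or garbage."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    req = REQUEST.match(lines[0])
    method, target = (req.group(1), req.group(2)) if req else (None, None)
    return method, target, headers.get("call-id")

def analyze(capture, max_invites=20, window=1.0):
    """Flag ACK/BYE without a prior INVITE and INVITE bursts aimed at one target."""
    invited, flooded, alerts = set(), set(), []
    recent = defaultdict(deque)  # target URI -> timestamps of INVITEs inside the window
    for ts, raw in capture:
        method, target, call_id = parse(raw)
        if method is None or call_id is None:
            continue  # responses and unparseable input are out of scope here
        if method == "INVITE":
            invited.add(call_id)
            q = recent[target]
            q.append(ts)
            while ts - q[0] > window:
                q.popleft()
            if len(q) > max_invites and target not in flooded:
                flooded.add(target)
                alerts.append(("invite-flood", target))
        elif method in ("ACK", "BYE") and call_id not in invited:
            alerts.append(("out-of-order", call_id))
    return alerts
```

Calling `analyze(SAMPLE)` returns the alerts in the order they occur; the threshold and window would need tuning against a deployment's normal call volume.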
How to make VoIP secure?
• The VoIP network should be protected with a firewall, IDS, and IPS.
• Use a good antivirus product to protect against viruses and malware.
• A virtual private network (VPN) should be used for secure communication over VoIP.
• Proper physical security should be implemented to protect VoIP hardware devices.
• Implement port-level security, which allows only a specified number of source MAC addresses.
• Enforce strong authentication and authorization mechanisms for access to VoIP services. In addition, enable the TLS protocol on the web server.
VoIP security testing tools
Wireshark, VoIPong, and Vomit are authentication tools, used to determine the password for each user of SIP messages.
SIP stands for Session Initiation Protocol, the protocol that initiates sessions. It is mainly used to get the result code of a transaction, such as success or failure.
Netcat, VoIPaudit, and iWAR are scanning and enumeration tools.
With the arrival of VoIP technology, data security issues became voice security issues. Protecting VoIP requires a well-structured plan that includes voice encryption, authentication, firewalls, and separation of data and voice traffic.