Implementing a VIPSec based application for handhelds: design and optimization issues
Proceedings of the 3rd international conference on Mobile multimedia communications
Voice pharming attack and the trust of VoIP
Proceedings of the 4th international conference on Security and privacy in communication netowrks
| Hi-index | 0.00 |
Voice over IP (VoIP) is one of the most emerging technologies, with a very relevant market penetration trend. This technology will represent a cost advantage for the business and private networks with greater flexibility, if no new related vulnerabilities are introduced. The problems of security of the VoIP are mainly related to the weaknesses of the combination of the SIP and RTP protocols. In the VoWiFi case, these weaknesses are enhanced by the intrinsic vulnerabilities of the first generation wireless networks (802.11b), or by a bad administration of wireless security systems. After building a VoIP network over Wi- Fi without enforcing security measures for the authentication and the privacy of the data, we will show in this paper several typologies of attack: Eavesdropping and Sniffing of the VoIP calls, Man in the Middle, Denial of Service, Call interruption and Build false calls. All these threats can represent part of a check list for a plug-andplay penetration test schedule, whenever a company deploys a VoIP network infrastructure based on some untested VoIP softphone and Wireless Lan (as an internal hotspot).