Thermos P., Takanen A. Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures

Addison-Wesley, 2008. — 384 p. — ISBN-13: 978- 0-321-43734-1.In Securing VoIP Networks, two leading experts systematically review the security risks and vulnerabilities associated with VoIP networks and offer proven, detailed recommendations for securing them. Drawing on case studies from their own fieldwork, the authors address VoIP security from the perspective of real-world network implementers, managers, and security specialists. The authors identify key threats to VoIP networks, including eavesdropping, unauthorized access, denial of service, masquerading, and fraud; and review vulnerabilities in protocol design, network architecture, software, and system configuration that place networks at risk. They discuss the advantages and tradeoffs associated with protection mechanisms built into SIP, SRTP, and other VoIP protocols; and review key management solutions such as MIKEY and ZRTP. Next, they present a complete security framework for enterprise VoIP networks, and provide detailed architectural guidance for both service providers and enterprise users.VoIP Architectures and Protocols
Threats and Attacks
VoIP Vulnerabilites
Signaling Protection Mechanisms
Media Protection Mechanisms
Key Management Mechanisms
VoIP and Network Security Controls
A Security Framework for Enterprise VoIP Networks
Provider Architectures and Security
Enterprise Architectures and Security