VoIP systems are like any other computer network system, and thus require protection from the same classes of cyber attacks as any other network server. While legacy firewalls may have trouble properly handling the unique requirements of VoIP systems, many modern security appliances have application layer gateways (ALG) designed specifically to handle VoIP-specific protocols. Some of these ALGs can even provide VoIP-specific security functionality, such as preventing SIP directory harvesting, or network level DoS attacks.
That said, some VoIP TDoS attacks can appear as perfectly legitimate calls—because they are. They just come from a malicious source. Differentiating these calls from legitimate ones can be challenging, even with a hardened VoIP server and the right protections.
If you suffer a TDoS attack, like one ones recently reported, contact the authorities, and also contact your VoIP service provider to see if they can help upstream.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.