H.323 mediated Voice over IP: vulnerabilities and more
An IBM executive was once quoted as saying, "Our goal is to make the computer as easy to use as the telephone". Our goal, now, is the reverse: to make using an IP telephone at least as easy and secure as using a computer on the Internet.
Voice over IP (VoIP) can be a complex subject. Network security professionals may find the terminology foreign, and VoIP vulnerabilities are often misunderstood. This paper provides an overview of the H.323 protocol suite, its known vulnerabilities, and then suggests twenty rules for securing an H.323-based network.
By Thomas Porter, Ph.D at SecurityFocus.
[ Read more ]