VoIP Security - Myth #1
Myth #1 - My VoIP infrastructure is secure because...
"because our PBX is connected directly to the PSTN network and I am not using SIP/H.323 trunking."
Well, this brings back fond memories of the old days, when voice security meant having a good lock on the door leading to the telecommunication closet with a PBX in it. Unfortunately, the fact that there are no IP trunks doesn't mean your VoIP is secure.
Look at the diagram of a single VoIP device, in this case a Call Manager (a modern term for the PBX). It is a very complex system consisting of VoIP applications, protocol stacks, common network services such as DHCP and a web server, the OS and complex configuration databases. Each of these layers has vulnerabilities that could be exploited locally or remotely. These vulnerabilities could also be combined to create pretty sophisticated exploits spanning multiple layers. For example, there are vulnerabilities that enable an attacker to send a crafted command to a particular service running on the CM and obtain a shell on the attacker's console. From there the attacker could transfer harmful software to the Call Manager. Then the attacker would exploit another vulnerability related to the soft client reset process by modifying the startup sequence, transfer a worm to the soft client and obtain a shell on that machine as well. Pretty scary scenario.
SIP/H.323 trunks are just a small component of the typical Call Manager software and not that attractive to any potential attacker. As a matter of fact, there are much more attractive attack vectors than IP trunks that could be used to exploit Call Manager vulnerabilities.
Imagine how complex this picture becomes when you deal with a real VoIP deployment with PBX, phones, soft phones, gateways, voice mail, IVR, ADC, etc. A potential attacker can penetrate the VoIP infrastructure remotely through direct attacks on VoIP applications/devices, or indirectly through the data network or through VoIP applications residing on dual-use devices such as soft clients or smartphones. Another interesting observation is that these pesky softphones will, with time, replace all the hardphones we use today. And since they reside on common PC platforms such as laptops, and in the near future on wireless smartphones, they are present in both data and VoIP networks. As such, they present a very attractive vector of attack against VoIP as well as data networks.
These attacks could come from external sources such as the global Internet and ISP networks, or from internal sources such as malicious employees, unknowingly malicious employees, or a directly connected third-party company, business partner or consultant. And let me assure you that my guys working in the research division can show you many of these exploits, some of them very, very scary.
Trying to implement VoIP security by using the PSTN network as a firewall/IPS is not a viable solution, and it can't substitute for a real VoIP security architecture that can protect your VoIP infrastructure from external and internal threats. And sooner or later VoIP is going to replace PSTN anyway. So get ready now.