VoIP Toolkit

Creating a secure and reliable VoIP solution

Tags:
Authority,
Delays,
Routers,
Circuit

Deb Shinder Tech Republic

Published: 10 Aug 2007 14:09 BST

…it is able to recognise and parse VoIP protocols and perform deep inspection of the VoIP packets and analyse the VoIP payload to discover patterns that indicate attacks.

For example, if your VoIP implementation uses SIP, the firewall should be able to:

Monitor inbound and outbound SIP messages for application-level attacks.
Support TLS.
Perform SIP-aware NAT and media-port management.
Detect unusual calling patterns.
Log details of SIP messages, especially for unauthenticated calls.

Companies such as BorderWare are now making SIP-aware firewalls.

Protecting VoIP gateways
The gateway is a point where data enters or leaves the VoIP network; gateways also connect unlike networks, such as the IP network and the PSTN. You should use strong authentication mechanisms and access controls at the gateways, to control who can make and receive calls through the VoIP system, who can perform administrative tasks, etc.

Protecting VoIP at the physical layer
The physical layer of the network includes the media over which IP packets travel. This can be Ethernet, fibre optic cabling, or, in the case of wireless VoIP, the airwaves. Limiting access to the media (as well as the VoIP servers and endpoints) is just as important for a voice network as for a data network.

Intruders who have access to the media, either by plugging into a switch or hub, tapping the cable itself, or intercepting wireless transmissions, can use "sniffer" software to capture the packets containing the voice data and signalling information and use readily available tools, such as Vomit, to reassemble them and eavesdrop on conversations or even make changes to the communications and use them in replay attacks.

You should:

Control access to call servers by keeping them in a locked room.
Restrict access to endpoints (hard phones or softphone programs installed on computer workstations).
Secure cabling by running it through conduits and walls.
Limit wireless interception by strategic location of access points, limitations on signal strength, use of blocking materials to contain wireless signals within the building, etc.

Protecting VoIP at the network layer
You can use internet protocol security (IPSec) encryption to protect your VoIP data as it travels over the network, so that, if attackers get past your physical security precautions and intercept VoIP packets, they won't be able to decipher the contents.

VoIP is inherently more vulnerable to attack than the PSTN network because of the public nature of the IP network and its protocols

IPSec uses authentication header (AH) and encapsulating security payload (ESP) to provide authentication, integrity and confidentiality of IP transmissions. IPSec for VoIP (VoIPSec) uses IPSec in tunnel mode to secure the identities of both endpoints. IPSec can make your VoIP communications even more secure than a traditional landline.

Protecting VoIP at the session layer
You can use transport layer security (TLS) to protect VoIP-session initiation to ensure that calls are set up securely and secure VoIP-call traffic. TLS provides an encrypted channel between two endpoints, and operates between the network layer (where IPSec works) and the application layer.

TLS uses digital certificates and public key cryptography. This means each endpoint must have a certificate issued by a trusted certification authority (an internal certification authority such as a Windows server running certificate services for calls within the organisation, or a public certification authority — such as VeriSign — for calls outside the organisation).

RFC 3261 defines a method for sending SIP over TLS channels called "Secure SIP" or "SIPS".

Protecting VoIP at the application layer
You can use secure RTP (SRTP) to encrypt the media at the application layer. SRTP is defined by RFC 3711 and provides the following security mechanisms:

Message authentication.
Confidentiality.
Replay protection.
Protection against DoS attacks to the RTP stream.

SRTP can be used for protection of VoIP communications on both wired and wireless networks. It uses the AES cipher, with one master key from which all session keys are derived. ZRPT is a key management protocol — developed by Phil Zimmermann of PGP fame — that can be used with SRTP. SRTCP provides the same security mechanisms for RTCP that SRTP provides for RTP.

Summary
Reliability and security is still a major concern for organisations considering a VoIP implementation; despite the growing popularity of VoIP, security remains an obstacle to more widespread adoption. VoIP is inherently more vulnerable to attack than the PSTN network because of the public nature of the IP network and its protocols, but by taking a carefully planned, multi-layered approach to securing their VoIP networks, companies can make VoIP as secure as — or even more secure than — traditional phone systems.