VoIP Security Workshop Outline

VoIPcode.org's 3 day VoIP security workshop is designed to provide a detailed introduction to the security issues associated with VoIP applications, to survey the range of threats faced by VoIP applications, to demonstrate some of the techniques used to attack VoIP systems and to equip attendees with a toolkit designed to enable further VoIP vulnerability research. The course covers multiple VoIP protocols, including H.323, Skype and the Session Initiation Protocol (SIP). The majority of examples and practical sessions will focus on SIP.

Target Audience

This technical course is targeted at 3 primary groups:

  • VoIP network designers and implementers
  • Engineers and security specialists with telco experience wishing to learn about the security issues in the VoIP and IP worlds
  • Engineers and security specialists with IP security experience wanting to understand the unique threats posed by VoIP

Workshop Program

Day 1:

  • Introduction to VoIP Protocols, SIP and H.323
  • Comparing VoIP with standard IP applications
  • Other VoIP applications, Skype and proprietary protocols
  • VoIP system components, User Agents, IP-PBX
  • VoIP Threat Landscape and targets
  • Practical exercise: setting up a simple IP-PBX

Day 2:

  • VoIP Threats in detail
  • Protocol conformance testing (protocol fuzzing)
  • Signalling and Media threats
  • Flooding Attacks
  • VoIP Spam
  • Call Hijacking
  • Caller Impersonation
  • Call Eavesdropping
  • Directory harvesting
  • Password dictionary attacks
  • Practical Exercise: Registration Flooding, Call Hijacking and Password dictionary attacks

Day 3:

  • Techniques for VoIP Vulnerability Analysis
  • Limitations of standard analysis techniques
  • Introduction to the VoIP vulnerability toolkit
  • VoIP Security Defences
  • Limitations of standard Firewalls
  • Application specific security
  • Practical Exercise: Building a VoIP Spam generator

Workshop Pre-requisites

This course assumes knowledge of TCP/IP networking protocols and a basic familiarity with IP network security concepts (Firewalls, Web Proxies etc). The course also assumes some experience in running standard port scanning and vulnerability testing tools (e.g Nmap, Nessus). Some knowledge of Linux/Unix is an advantage and experience of writing and using Unix shell scripts and C programming is a an advantage although not essential.

Workshop Deliverables

Each workshop attendee will received a CD containing a full set of course notes, a number of additional white papers and a copy of the VoIP vulnerability testing toolkit. The toolkit is available for Win32 (binary only) and Unix/Linux (source code).