
Cisco IOS Hole Points to VOIP Threat

Light Reading
News Analysis
1/24/2005

Another glitch in Cisco Systems Inc.'s (Nasdaq: CSCO) Internetwork Operating System (IOS) has been discovered, but this one is notable because it underscores the security problems lurking in voice-over-IP (VOIP) installations.

The IOS flaw was disclosed on Cisco's Website on Jan. 19.

While the flaw is specific to Cisco, it points out the importance of security for VOIP systems in general, as their IP nature leaves them open for denial-of-service (DOS) attacks. DOS attacks involve flooding a router or other appliance with phony packets, which overwhelms the device and prevents it from doing its normal tasks. Security experts have pointed to this as a potential security pitfall of VOIP for some time.

As with many other DOS warnings from Cisco, the latest one involves the dreaded "malformed" packets, which Cisco chooses not to define in specifics. The flaw makes it possible, under certain versions of IOS, to send such packets from a Cisco IP phone to a router port running Cisco's Skinny Call Control Protocol (SCCP). This causes a reset on the router port. By repeating the process frequently enough, an intruder could keep the router in a perpetual reload state, creating a kind of DOS attack.

The DOS problem gets magnified when VOIP enters the picture, because incoming calls will have to be examined to screen out DOS attempts. This is more involved than the transport-level security used to prevent normal DOS attacks. For that reason, some observers believe VOIP security is going to be a serious problem (see VOIP Threats Loom Large and VOIP Security Poses a Problem).

"The type of packet inspection you have to do is much deeper. You have to get into the applications layer and parse the SIP information," says analyst Mark Seery of RHK Inc. That's a step beyond the transport-level security used to prevent most IP-based DOS attacks. Most vendors of session border controllers have begun looking into security, sometimes even developing their own ASICs for packet inspection, Seery says.
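What that application-layer screening involves, as an added example that is not from the article, Cisco or any vendor it names: a SIP request is parsed and checked against the header fields RFC 3261 requires before it is forwarded, then INVITEs are capped per source. The function names, limits and the strict policies (sip/sips URIs only, no folded headers, exact Content-Length) are assumptions made for illustration.

```python
import re
from collections import deque

REQUIRED = {"via", "from", "to", "call-id", "cseq", "max-forwards"}  # mandatory per RFC 3261
COMPACT = {"v": "via", "f": "from", "t": "to", "i": "call-id", "l": "content-length"}
REQUEST_LINE = re.compile(r"([A-Z]+) (sips?:\S+) SIP/2\.0")

def check_sip_request(raw: bytes):
    """Return (method, None) for a well-formed request, else (None, reason)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("utf-8", "replace").split("\r\n")
    m = REQUEST_LINE.fullmatch(lines[0])
    if not sep or not m:
        return None, "bad request line or missing blank line"
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        key = name.strip().lower()
        if not colon or not key:  # strict policy: folded header lines are rejected too
            return None, "bad header line"
        headers[COMPACT.get(key, key)] = value.strip()
    if REQUIRED - headers.keys():
        return None, "missing required header"
    cseq = headers["cseq"].split()
    if len(cseq) != 2 or not re.fullmatch(r"[0-9]+", cseq[0]) or cseq[1] != m.group(1):
        return None, "CSeq does not match request method"
    clen = headers.get("content-length")
    if clen is not None and (not re.fullmatch(r"[0-9]+", clen) or int(clen) != len(body)):
        return None, "Content-Length mismatch"  # strict policy: any mismatch is dropped
    return m.group(1), None

def screen(raw: bytes, src: str, now: float, seen: dict, limit=3, window=1.0) -> str:
    """Parse first, then cap INVITEs per source inside a sliding time window."""
    method, reason = check_sip_request(raw)
    if reason:
        return "drop: " + reason
    q = seen.setdefault(src, deque())
    while q and now - q[0] >= window:
        q.popleft()
    if method == "INVITE":
        if len(q) >= limit:
            return "drop: INVITE rate exceeded"
        q.append(now)
    return "forward"

# Constructed sample request using documentation addresses, not captured traffic.
SAMPLE = (b"INVITE sip:bob@example.com SIP/2.0\r\nVia: SIP/2.0/UDP 192.0.2.10:5060\r\nMax-Forwards: 70\r\n"
          b"From: <sip:alice@example.com>;tag=1\r\nTo: <sip:bob@example.com>\r\nCall-ID: a1@192.0.2.10\r\n"
          b"CSeq: 1 INVITE\r\nContent-Length: 0\r\n\r\n")
```

A transport-level filter sees only the source address and port 5060 for every one of these messages; the CSeq, Content-Length and missing-header checks are only possible once the payload has been parsed.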

It's the latest in a string of DOS vulnerabilities Cisco has discovered during the past couple of years, although not all of them are related to IOS. For example, early in 2004, Cisco found a flaw in its add/drop multiplexers, the ONS 15454, and related systems based on non-IOS technology acquired from Cerent Corp. (See Cisco Reports OSPF Vulnerability and Cisco Finds ADM Security Flaw.)

Cisco has been seeking out these vulnerabilities as DOS attacks have come into vogue. Prevention of DOS attacks has become a hot topic in networking, prompting Cisco to acquire Riverhead Networks for $39 million last year (see Cisco's Security Spree Continues).

Cisco's documentation of the latest IOS vulnerability is online at http://www.cisco.com/warp/public/707/cisco-sa-20050119-itscme.shtml.

— Craig Matsumoto, Senior Editor, Light Reading

routingfool,
User Rank: Light Beer
12/5/2012 | 3:28:49 AM
re: Cisco IOS Hole Points to VOIP Threat
I work in a multi-vendor environment. If you are going to write an article about security or VOIP security, then you should not single out any vendor. Security is an area that needs constant attention; it's a moving target. Your article only highlights Cisco, but I can assure you I have had to upgrade code from other vendors to prohibit attacks, even though their vulnerabilities don't get much play on the news or on the boards.
If you are going to write about security, then do some real research. I recently spoke to our vendors about security issues, and it may surprise you to learn that they do communicate and share information in order to resolve issues.

Sometimes it gets old bashing Cisco, and definitely it shouldn't be on about security issues. I happen to think they do a reasonably good job of keeping the public updated on these issues.
To be fair, when are we going to see the articles on other vendors' security issues :-(

- Fool
somedumbPM,
User Rank: Light Beer
12/5/2012 | 3:28:47 AM
re: Cisco IOS Hole Points to VOIP Threat
For whatever reason C does not notify my eng group of such. This has happened with previous call server issues and the 15454s.
HeavyDuty,
User Rank: Light Beer
12/5/2012 | 3:28:26 AM
re: Cisco IOS Hole Points to VOIP Threat
When you're number 1 in your industry, any problem within that industry will belong primarily to you. VoIP has been, is and will continue to be a security problem. The Internet is not, by design, a secure/private environment. The 'net is a highly redundant method for data interconnectivity. The security/privacy that most folks would like for their phone conversations is an incomplete afterthought.

This is in addition to the fact that the TCP/IP protocol stack was never intended to be a realtime communication environment. This too is an ongoing afterthought, because voice conversations are realtime applications. This problem will also focus (fairly) on Cisco, because they are the major player in the VoIP market.