VOIP Threats Loom Large
Ram Dantu, assistant professor at the University of North Texas's department of computer science and engineering, is worried that VOIP networks aren't as secure as they should be. He says most enterprise networks using VOIP phones now are exposed to distributed denial-of-service (DDOS) attacks -- network attacks designed to cripple a network or phone system by flooding it with useless traffic.
Typically, an IP phone can be put out of service by sending signaling messages at the rate of three calls a minute, Dantu says. "A low-end PC can bring down an entire enterprise VOIP system within a few minutes," he warns.
Dantu's concerns aren't new (see Vendor Points to VOIP Vulnerabilities and VOIP Security Poses a Problem). Security experts have long been fretting that, on an IP network, any malicious device can be made to act like an IP phone, and it could theoretically bypass enterprise firewalls. And having a telephone, VOIP or POTS, requires the ability to get calls from unknown, untrusted sources, a characteristic that is at odds with firewall filtering used to protect data networks.
"Absolutely, VOIP is vulnerable to DOS/DDOS attacks," writes Jim Greenway, VP of marketing at Kagoor Networks, in an email to Light Reading. Greenway notes that devices like Kagoor's session controllers already protect enterprises and service providers from DDOS attacks with features such as rate limiting, call gapping, and admission control.
Session controllers like Kagoor's do add a layer of security, in addition to performing the necessary tasks associated with handing traffic off between carrier and enterprise IP networks (see Session Controllers: Limited Lifespan?).
Some newer devices are addressing VOIP DDOS directly. BorderWare's new SIPassure SIP Firewall, announced earlier this month, is aimed at preventing voice spam, DDOS attacks, and packet-level intrusion.
Dantu, however, is worried that relying on point solutions from a variety of vendors isn't a good enough strategy. He says that few, if any, vendors are taking a layered security approach. Networks need several devices providing different aspects of network security, with all the devices communicating potential threats to one another in real time.
Further, he says, you can't treat VOIP traffic the same as data traffic. Quarantining the incoming calls, shaping the calls, and tracing the calls are new challenges for VOIP vendors, in addition to firewall and NAT traversal, Dantu says. "All the solutions need to take into account the level of trust and behavior of the calling party, as well as presence of the called party."
Unfortunately, he doesn't have a magic wand to fix these problems today. But Dantu and his industry colleagues will chew over the possible solutions to VOIP's biggest threats during a day-long VoIP Security Workshop in December that is being held in conjunction with IEEE's Globecom 2004 conference in Dallas.
Speakers for the event will include Paul Kurtz, a former special assistant to President Bush, and Jeffery Hunker, former senior director of critical infrastructure for the White House. Dantu says the program's committee is still considering technical and research papers that will be published at the workshop.
— Phil Harvey, News Editor, Light Reading