
	Home > Unified Communications Tips > Unified Communications Tech Tip > VoIP protocol insecurity

Unified Communications Tips:

EMAIL THIS

TIPS & NEWSLETTERS TOPICS

UNIFIED COMMUNICATIONS TECH TIP

VoIP protocol insecurity

Lisa Phifer
02.02.2006
Rating: -4.40- (out of 5)

Digg This!

StumbleUpon

Del.icio.us

Like many Internet protocols, SIP was designed with simplicity, not security, in mind. And, although H.323 was created to meet broader goals, security issues have plagued it as well. Some vulnerabilities are inherent in the protocols themselves; others have been introduced by the developers who turn these standards into products. The following are some examples: These are just a few of the SIP and H.323 Common Vulnerabilities and Exposures (CVEs) found over the past few years. To be fair, many other Internet protocols are vulnerable to spoofing

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	VoIP QoS and VoIP Security
	VoIP implementation study guide
	How will VoIP impact the quality of phone calls on our network?
	How does one cope with echo in a VoIP-enabled network? What's the best way to use an echo canceller?
	Does implementing VoIP security affect the QoS? How would one handle it, if it does?
	IBM, Avaya deals signal IP telephony quality control's coming of age
	Ensuring voice and video quality about more than watching packet flows
	Security concerns for enterprise Skype
	VoIP service selection: MPLS, VPLS or Metro Ethernet?
	Microsoft's Real-Time Codec (RTC) for VoIP optimization
	Disaster and recovery in the VoIP/IPT RFP

VoIP Protocols

SIP trunks a no-brainer for VoIP rollouts

Digium's Asterisk PBX does God's work at Midwest church

Microsoft's Real-Time Codec (RTC) for VoIP optimization

Is there a difference between VoIP and IP telephony?

VoIP for the globe-trotting frequent traveler

SIP tutorial

Springer Handbook of Speech Processing

Top 10 VoIP tips for 2007

Push-to-talk implementation using SIP protocol

IP PBX eases VoIP transition for gas company

Unified Communications Tech Tip

The significance of Avaya's Aura

UC buyers should look for SaaS-based UC offerings in 2009

Using the iPhone in the enterprise?

Social networking and discussion forums for the enterprise

Streaming Cisco's IP Communicator to an HP thin client

Demystifying unified communications deployment strategies

Presence management and security

Presence: SIMPLE versus XMPP

Four factors driving videoconferencing

Consider IBM Lotus SameTime for UC, not just Microsoft OCS

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

vishing (SearchUnifiedCommunications.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

or buffer overflows. But given the high availability associated with the public switched telephone network, companies moving to VoIP may be more sensitive to these threats. Furthermore, as RFC 3261 acknowledges, "SIP is not an easy protocol to secure. Its use of intermediaries, its multi-faceted trust relationships, its expected usage between elements with no trust at all and its user-to-user operation make security far from trivial."

[IMAGE] This tip originally appeared as part of SearchSecurity.com's VoIP protocols: A technical guide

[TABLE]

Rate this Tip

To rate tips, you must be a member of SearchUnifiedCommunications.com.
Register now to start rating these tips. Log in if you are already a member.

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

Communications Solutions for Business: Collaboration, Cell Phone Access, and IP Telephony

SEARCH

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2008 - 2009, TechTarget \| Read our Privacy Policy