Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures

Peter Thermos, Ari Takanen




In Securing VoIP Networks, two leading experts systematically review the security risks and vulnerabilities associated with VoIP networks and offer proven, detailed recommendations for securing them. Drawing on case studies from their own fieldwork, the authors address VoIP security from the perspective of real-world network implementers, managers, and security specialists. The authors identify key threats to VoIP networks, including eavesdropping, unauthorized access, denial of service, masquerading, and fraud; and review vulnerabilities in protocol design, network architecture, software, and system configuration that place networks at risk. They discuss the advantages and tradeoffs associated with protection mechanisms built into SIP, SRTP, and other VoIP protocols; and review key management solutions such as MIKEY and ZRTP. Next, they present a complete security framework for enterprise VoIP networks, and provide detailed architectural guidance for both service providers and enterprise users.


1       Introduction

2       VoIP Architectures and Protocols

3       Threats and Attacks

4       VoIP Vulnerabilites

5       Signaling Protection Mechanisms

6       Media Protection Mechanisms

7       Key Management Mechanisms

8       VoIP and Network Security Controls

9       A Security Framework for Enterprise VoIP Networks

10     Provider Architectures and Security

11     Enterprise Architectures and Security


《保護 VoIP 網路》是兩位領先專家系統地檢視與 VoIP 網路相關的安全風險和漏洞,並提供經過驗證的詳細建議以確保其安全。作者們根據自己的實地調查案例,從實際網路實施者、管理者和安全專家的角度討論 VoIP 安全。作者們識別了 VoIP 網路的關鍵威脅,包括竊聽、未經授權訪問、阻斷服務、冒充和詐騙;並檢視了協議設計、網路架構、軟體和系統配置中存在風險的漏洞。他們討論了內建於 SIP、SRTP 和其他 VoIP 協議中的保護機制的優點和權衡;並檢視了 MIKEY 和 ZRTP 等關鍵管理解決方案。接下來,他們提出了企業 VoIP 網路的完整安全框架,並為服務提供商和企業用戶提供了詳細的架構指南。

1. 簡介
2. VoIP 架構和協議
3. 威脅和攻擊
4. VoIP 漏洞
5. 信令保護機制
6. 媒體保護機制
7. 金鑰管理機制
8. VoIP 和網路安全控制
9. 企業 VoIP 網路的安全框架
10. 供應商架構和安全
11. 企業架構和安全