Atnaujinkite slapukų nuostatas

El. knyga: Voice over Internet Protocol (VoIP) Security

1.00/5 (4 ratings by Goodreads)
(SVP, Professional Security Services at SecureInfo Corporation in San Antonio, TX), (James F. Ransome, Ph.D., CISSP, CISM,SVP, Managed Security Services)
  • Formatas: PDF+DRM
  • Išleidimo metai: 19-Jan-2005
  • Leidėjas: Digital Press
  • Kalba: eng
  • ISBN-13: 9780080470467
Kitos knygos pagal šią temą:
Voice over Internet Protocol (VoIP) SecurityDidesnis paveikslėlis
  • Formatas: PDF+DRM
  • Išleidimo metai: 19-Jan-2005
  • Leidėjas: Digital Press
  • Kalba: eng
  • ISBN-13: 9780080470467
Kitos knygos pagal šią temą:

DRM apribojimai

  • Kopijuoti:

    neleidžiama

  • Spausdinti:

    neleidžiama

  • El. knygos naudojimas:

    Skaitmeninių teisių valdymas (DRM)
    Leidykla pateikė šią knygą šifruota forma, o tai reiškia, kad norint ją atrakinti ir perskaityti reikia įdiegti nemokamą programinę įrangą. Norint skaityti šią el. knygą, turite susikurti Adobe ID . Daugiau informacijos  čia. El. knygą galima atsisiųsti į 6 įrenginius (vienas vartotojas su tuo pačiu Adobe ID).

    Reikalinga programinė įranga
    Norint skaityti šią el. knygą mobiliajame įrenginyje (telefone ar planšetiniame kompiuteryje), turite įdiegti šią nemokamą programėlę: PocketBook Reader (iOS / Android)

    Norint skaityti šią el. knygą asmeniniame arba „Mac“ kompiuteryje, Jums reikalinga  Adobe Digital Editions “ (tai nemokama programa, specialiai sukurta el. knygoms. Tai nėra tas pats, kas „Adobe Reader“, kurią tikriausiai jau turite savo kompiuteryje.)

    Negalite skaityti šios el. knygos naudodami „Amazon Kindle“.

Voice Over Internet Protocol Security has been designed to help the reader fully understand, prepare for and mediate current security and QoS risks in today's complex and ever changing converged network environment and it will help you secure your VoIP network whether you are at the planning, implementation, or post-implementation phase of your VoIP infrastructure.

* This book will teach you how to plan for and implement VoIP security solutions in converged network infrastructures. Whether you have picked up this book out of curiosity or professional interest . . . it is not too late to read this book and gain a deep understanding of what needs to be done in a VoIP implementation.

* In the rush to be first to market or to implement the latest and greatest technology, many current implementations of VoIP infrastructures, both large and small, have been implemented with minimal thought to QoS and almost no thought to security and interoperability.

Recenzijos

"Voice Over Internet Protocol Security is both unique and timely. Ransome and Rittinghouse expertly describe the technical fundamentals, salient business drivers, and converged network infrastructure security risks and challenges IT and security professionals encounter when implementing enterprise-level VoIP systems." William M. Hancock, Ph.D., CISSP, CISM, CSO, Savvis Communications.

"This book should be required reading for anyone contemplating a VoIP implementation for three reasons: first, it deals with telecom technology and standards from Alexander Graham Bell onward. This puts VoIP in its proper context as an integral, evolved part of a global system that is potentially vulnerable. Second, it provides a detailed tutorial on all of the major aspects of VoIP implementation from a pragmatic point of view. Finally, it addresses the very real security issues that could put the global telephone system at risk if not dealt with professionally. I would heartily recommend your entire project team buy this book and read it carefully!" John Milner, MIS Director, Cambridge University

Daugiau informacijos

First book to focus exclusively on VoIP Security the fastest growing portion of telecom/CS Communications
List of Figures and Tables
xv
Foreword xvii
Preface xxiii
Acknowledgments xxvii
The (Business) Value of VoIP
1(10)
Internet Telephony versus Telephony over the Internet
2(1)
The Value of VoIP: Return on Investment (ROI)
2(6)
Getting the Most from VoIP: Cost Savings
3(1)
Capital and Expense Savings
4(1)
Productivity Savings
5(1)
New Features
5(1)
Convergence of Technologies
6(1)
Potential Drawbacks in VoIP Implementations
6(1)
VoIP Implementation Realities of ROI
7(1)
What about VoIP Security?
7(1)
Summary
8(1)
Endnotes
9(1)
General References
9(2)
Digital Voice Fundamentals
11(36)
Speech Properties
12(1)
Classes of Speech
13(2)
Voiced Sounds
13(1)
Unvoiced Sounds
14(1)
Plosive Sounds
14(1)
Sampling
15(1)
Quantization
16(2)
Uniform or Linear Quantizers
17(1)
Nonuniform (Logarithmic) Quantization
17(1)
Companding
17(1)
Vector Quantization
18(1)
Waveform Coding
18(24)
Time Domain Coding: Pulse Code Modulation (G.711)
19(7)
G.711 PCM Standardization
26(1)
Time Domain Coding: Differential PCM (DPCM)
26(1)
Time Domain Coding: Adaptive Differential PCM (G.721/G.726)
27(1)
Continuously Variable Slope Delta (CVSD) Modulation
27(1)
Frequency Domain Coding
28(1)
Vocoding
29(3)
Hybrid Coding
32(5)
G723.1 Recommendation
37(1)
G.728 Low-Delay CELP Recommendation
37(1)
G.729 Recommendation
38(3)
The GSM Codec
41(1)
Digital Speech Interpolation
42(1)
Summary
43(1)
Endnotes
44(1)
General References
45(2)
Telephony 101
47(28)
Introduction to Telephony
47(3)
Call Technology Basics
50(5)
Traditional Handsets
52(1)
Switch Hook
53(1)
Side Tone
53(1)
Dialer
53(1)
VoIP and VoIP Phones
53(2)
Understanding Signaling
55(1)
Subscriber Loop Signaling
56(9)
Supervisory Signaling
56(6)
Address Signaling
62(2)
Call-Progress Signaling
64(1)
Components of the Phone System
65(1)
Phone
65(1)
PBX
65(1)
Subscriber Loop
65(1)
Trunk and Access Lines
66(1)
Making the Basic Telephone Connection
66(3)
On-hook
66(1)
Off-hook
66(1)
Dialing
67(1)
Switching
68(1)
Ringing
68(1)
Talking
68(1)
North American Numbering Plan (NANP)
69(1)
International Numbering Plan (ITU-T E.164)
70(1)
CCS, CCIS, CAS, and SS7
70(2)
Summary
72(1)
Endnotes
73(1)
General References
73(2)
Packet Technologies
75(58)
Packet Networking Overview
75(5)
ISO/OSI Network Model
75(4)
TCP/IP Network Model
79(1)
Routing and Switching
80(7)
Routing Basics
80(5)
Routing Tables
85(1)
Distance-Vector Routing Protocols
86(1)
Switching
86(1)
IP Networks
87(8)
Address Resolution Protocol (ARP)
87(1)
Understanding IP, TCP, UDP, and ICMP Packets
88(7)
VoIP Security Protocols
95(9)
H.235 and Security Profiles
95(1)
H.235v2
95(1)
H.235v2 Annex D: Baseline Security Profile
95(1)
H.235v2 Annex E: Signature Security Profile
96(1)
Voice Encryption Option
96(1)
H.235v2 Annex F: Hybrid Security Profile
97(1)
H.235v3
98(1)
Baseline Security Profile Enhancements
98(1)
Draft H.235v3 Annex G: SRTP and MIKEY usage
98(2)
Draft H.235v3 Annex H: RAS Key Management
100(1)
H.235v3 for Direct-Routed Scenarios
101(1)
SIP Security
102(1)
Existing Security Features in the SIP Protocol
103(1)
Signaling Authentication using HTTP Digest Authentication
103(1)
S/MIME Usage within SIP
103(1)
Confidentiality of Media Data in SIP
104(6)
TLS Usage within SIP
104(1)
IPSec Usage within SIP
105(1)
Security Enhancements for SIP
105(1)
SIP Authenticated Identity Body
105(1)
SIP Authenticated Identity Management
105(1)
SIP Security Agreement
106(1)
SIP End-to-Middle, Middle-to-Middle, Middle-to-End Security
107(1)
SIP Security Issues
107(2)
MGCP
109(1)
MGCP System Architecture
109(1)
MGCP Security Considerations
109(1)
Voice Transport Protocols
110(4)
Real-time Transport Protocol (RTP)
110(1)
Transport Control Protocol (TCP) and User Datagram Protocol (UDP)
110(1)
Real-Time Control Protocol (RTCP)
111(1)
Stream Control Transmission Protocol (SCTP)
112(1)
Trivial File Transfer Protocol (TFTP)
113(1)
Signaling Protocols
114(3)
SIGTRAN
114(1)
H.248/MEGACO
114(2)
MEGACO Security Considerations
116(1)
DNS and DNSSEC with VoIP
117(1)
DNSSEC and Identity
117(1)
MPLS and VoIP
118(5)
Label Distribution Protocol (LDP)
119(2)
Constraint-based Routing---Label Distribution Protocol (CR-LDP)
121(1)
RSVP and RSVP-TE
121(2)
Voice over Frame Relay Access Devices (VFRADs)
123(2)
Voice over ATM (VoATM)
125(1)
Summary
126(1)
Endnotes
127(2)
General References
129(4)
VoIP Processing
133(18)
Voice Packetization
133(1)
Compression
134(1)
VoIP Packet Processing Issues
135(3)
Packet Timing Jitter
135(1)
Packet Timing Latency
136(2)
VoIP Call Setup Protocols
138(1)
Call Setup Protocols from the Telephony Community
138(1)
Call Setup Protocols from the Data-Networking Community
138(1)
Voice Streaming Protocols
139(1)
IP Telephony Servers, PBXs, and Gatekeepers
140(1)
VoIP Gateways, Routers, and Switches
141(3)
IP Phones and Softphones
144(1)
VoIP and Converged Network Regulatory Issues
144(2)
The VoIP Regulatory Freedom Act of 2004
146(1)
Summary
147(1)
Endnotes
148(1)
General References
148(3)
VoIP Implementation Basics
151(30)
Stages of VoIP Implementation
151(2)
Achieving VoIP Quality and Reliability
153(10)
The Need for Quality of Service (QoS)
154(1)
Link-layer QoS techniques
155(1)
Queuing Techniques
156(1)
IP QoS Techniques
156(4)
QoS Issues
160(1)
QoS in a Voice Over Packet System
161(2)
Tuning for VoIP QoS
163(3)
Configuration and Testing
166(2)
VoIP Management
168(3)
Service Level Agreements (SLAs)
171(5)
Implementing VoIP SLAs
173(3)
Other VoIP Implementation Issues
176(4)
Delay
177(1)
Echo
178(1)
Packet Loss
178(1)
Jitter
178(1)
VoIP Header Overhead Problem
178(1)
Standards are Lacking for Call Control Information
179(1)
Endnotes
180(1)
General References
180(1)
VoIP Security Risks
181(54)
VoIP Infrastructure Risks
182(28)
VoIP Inherits the Same Threats as the IP Data Network
182(2)
Operating System Vulnerability
184(1)
Human Vulnerability
185(1)
Toll Fraud
186(1)
Easy Access
187(1)
Service Use and Abuse
187(1)
Unintentional and Inadvertent Risks
187(1)
Deliberate Threats
188(1)
Nonemployee or Temporary Employee Granted Access
188(1)
Phreakers Using Phone Systems
189(1)
Hackers Using Computer Systems
189(1)
Service Disruption and Denial of Service
190(1)
Buffer Overflow Attacks
191(1)
SYN Flood
191(1)
UDP Flood
192(1)
Fragmentation Attacks
192(1)
Smurf Attack
192(1)
General Overload
193(1)
Distributed Denial-of-Service Attacks
193(2)
Modems
195(1)
Cable Modems
195(1)
IP Phones
196(1)
Core Routers
196(1)
Media Gateways
197(1)
SIP and SIP Proxies
198(3)
Gatekeepers
201(1)
VoIP Servers and Configuration Exploits
202(1)
Switches
202(1)
VoIP-Based Firewalls
202(2)
Network Access Points
204(1)
Wireless Access Points
204(1)
Remote-Access Points
204(1)
Voice-Mail Systems
205(1)
PBX Risks
206(4)
VoIP Risk from Attacks
210(20)
Insertion and Evasion Attacks
210(2)
User Identity Theft
212(1)
Device Identity Theft
212(1)
Session (Call) Hijacking
212(1)
Monitoring (Eavesdropping)
213(1)
Controlling a Conversation
213(1)
Call-Forwarding Control
213(1)
Redirecting Control
214(1)
Message Integrity
214(1)
Manipulation of Accounting Data
215(1)
Endpoint Impersonation
215(2)
Gatekeeper Impersonation
217(1)
Back-End Service Impersonation
218(1)
Packet Injection
218(1)
Rogue VoIP Server or Gateway
219(1)
Viruses and Other Malicious Software
219(1)
Sniffing
220(2)
Spoofing
222(1)
Man-in-the Middle Attacks
223(1)
Network Scanning
224(2)
Password Cracking
226(1)
Wardialers and Telephone Line Scanners
226(2)
Annoyances and Spam Calls
228(1)
Caller ID Risks
228(2)
Wi-Fi
230(1)
Summary
230(1)
Endnotes
231(1)
General References
232(3)
VoIP Security Best Practices
235(68)
General
235(11)
Maintain Strong Physical Security
236(1)
Secure the Datacenter
236(1)
Secure the Equipment
237(1)
Secure the Environment around the Equipment
237(1)
Secure the Hardware
237(1)
Harden the Servers
238(1)
Manage Your Storage Intelligently
239(1)
Create a Secure Build Image
239(1)
Secure the System and Application Software
240(2)
Log Consolidation and Unusual Pattern Log Analysis
242(1)
Stay Up to Date with Your Network Equipment Vendors
243(1)
Stay Up to Date with Your Software Vendors
243(1)
Turn off Modem Support when Not Needed
244(1)
Create a Well Educated Security Team
244(1)
Perform Security Incident Postmortems
244(1)
Implement Policy Management
245(1)
PBX Network
246(6)
Internal Control and Audit
246(1)
Eliminate Unnecessary Modems
247(1)
Securing the IP PBX
247(1)
Remote Access
248(1)
Accounts and Passwords
248(1)
Physical Security
249(1)
Combating PBX and Voice-Mail Vulnerabilities
249(3)
VoIP Network
252(42)
Separate VoIP Traffic
252(1)
Encrypt VoIP Traffic
253(1)
Isolate IP PBXs and VoIP Servers on a VLAN
253(1)
Put Chatty Protocols on Their Own VLAN
254(1)
Isolate Voice Traffic on a Separate VLAN
254(1)
Unified Management Infrastructure
254(1)
Avoid Use of Voice on Shared Ethernet Segments
254(1)
Build Separate DHCP Servers
255(1)
Put VoIP Devices on Different Windows Domains
255(1)
Beware of Shared Drives
255(1)
Use Private IP Addressing Inside Your Enterprise
255(1)
Use Switches Instead of Hubs
255(1)
Secure the Voice Gateway
256(1)
Maintain Strong Security on All VoIP Servers
257(1)
Filtering on All Segments
258(1)
Filter All Traffic
258(1)
Deploy Firewalls
259(2)
Use a Telecommunications Firewall
261(2)
Intrusion Detection and Prevention Systems
263(1)
Monitoring and Logging
264(1)
Router Security
264(2)
Use Existing Firewalls/IDS to Highlight Attempted Attacks
266(1)
Use Authentication to Exclude Requests from Unknown Hosts
266(1)
Use Dedicated VoIP Firewalls to Prevent Attacks
266(1)
Use a VoIP-Aware Firewall/IDS to Monitor Untrusted VoIP Traffic
267(1)
Security Issues with the Use of H.323, SIP, H.235v3, MGCP, and MEGACO/H.248
267(6)
Network Address Translation (NAT)
273(3)
VoIP Proxies
276(3)
Virtual Private Networks (VPNs) and IP Security (IPSec) in VoIP
279(12)
IPSec VoIP Considerations
291(1)
Security Association (SA)
292(1)
Enhanced 911 (E911) VoIP Considerations
293(1)
VoIP Phones
294(3)
Set up the IP Phones Securely
295(1)
Manage Phone Passwords Carefully
295(1)
Limit the Functions Available in Publicly Available Phones
295(1)
Allow Limited Administrative Access
296(1)
Identify Users
296(1)
Disable Automated Phone Registration
296(1)
Maintain Vulnerability Assessments, Antivirus, and Firewall on Softphone Computers
297(1)
Summary
297(1)
Endnotes
298(3)
General References
301(2)
VoIP Security and the Law
303(26)
Regulatory Issues
304(3)
The 1996 National Information Infrastructure Protection Act
307(1)
President's Executive Order on Critical Infrastructure Protection
307(1)
The USA PATRIOT Act of 2001
308(4)
The Homeland Security Act of 2002
312(1)
US Patriot Act and Changes to Computer-Related Laws
313(13)
Authority to Intercept Voice Communications
313(1)
Obtaining Voice-Mail and Other Stored Voice Communications
314(1)
Changes to Wiretapping Procedures
314(1)
Scope of Subpoenas for Electronic Evidence
315(1)
Clarifying the Scope of the Cable Act
316(1)
Emergency Disclosures by Communications Providers
317(1)
Pen Register and Trap and Trace Statute
317(1)
Intercepting Communications of Computer Trespassers
318(1)
Nationwide Search Warrants for E-mail
319(1)
Deterrence and Prevention of Cyberterrorism
320(4)
Investigations
324(1)
Ethics
325(1)
Summary
326(1)
Endnotes
326(3)
The Future of VoIP
329(10)
The New Breed of VoIP: Internet Telephony
329(2)
The Internet Telephony Providers
331(2)
Free World Dial-Up
331(1)
Net2Phone
332(1)
Packet8
332(1)
VoicePulse
332(1)
Vonage
333(1)
VoIP over Wireless LAN (VoWLan)
333(1)
The Need for VoIP Security
334(2)
Endnotes
336(3)
Appendix
339(46)
A.1 Abbreviations
339(7)
A.2 Glossary
346(29)
A.3 Related Web Sites
375(4)
A.4 References
379(6)
Index 385


James F. Ransome, Ph.D., CISSP, CISM, has over 30 years experience in security operations and technology assessment as a corporate security executive and positions within the intelligence, DoD, and federal law enforcement communities. He has a Ph.D. in information systems specializing in information security and is a member of Upsilon Pi Epsilon (UPE), the International Honor Society for the Computing and Information Disciplines. He is currently Vice President of Integrated Information Security at CH2M HILL in Denver, CO. John has over 25 years experience in the IT and security sector. He is an often sought management consultant for large enterprise and is currently a member of the Federal Communication Commission's Homeland Security Network Reliabiltiy and Interoperability Council Focus Group on Cybersecurity, working in the Voice over Internet Protocol workgroup.
Daugiau apie elektronines knygas Daugiau apie elektronines knygas
Pastovi nuoroda: https://www.kriso.lt/db/97800804704672e.html
Raktažodžiai: