A Comprehensive Study of VoIP Security
Dharmin Suthar, Parag H. Rughani
Abstract
Voice over Internet Protocol (VoIP) Service has been the implementation over the past few years. Most of the Organizations which have implemented VoIP Services over there are either unaware or ignoring the security and Vulnerabilities issues with VoIP. a VoIP network is also susceptible to abuse and easy to exploit. Here, I would like to discuss various Exploitation techniques followed by Pentesting and Security of VoIP Machine. I will not go to protocol level as this report is aimed at Penetration Testers who want to learn the basics first, though it is strongly encouraged to understand the protocols which is used in VoIP Networks. Here performing attacks against VoIP Denial of Service (DoS) attacks Registration Manipulation and Hijacking Authentication Attacks Caller ID Spoofing Man-in-the-middle attacks Virtual Lan Hopping passive and Active Eavesdropping Spamming over Internet Telephony (SPIT) VoIP Phishing (Vishing).