VoIP Security Training | Voice over IP Security Training

Print Friendly, PDF & Email
Introduction:

VoIP Security Training | Voice over IP Security Training Course with real World hands-on labs

VoIP is becoming one of the most widely deployed protocols because it has the potential to lower telecommunications costs, mainly by reducing corporations' long distance charges, and support applications, like unified communications, that improve employee productivity. Market research firm Infonetics Research Inc. states that worldwide revenue from VoIP equipment rose 54% to $3.9 billion in 2005.

VoIP Security Training course is planned and designed to provide the participants with a detailed technical perspective on VoIP security and its underlying technology and protocol enablers. The VoIP Security Training course covers specifics on how to properly assess, audit and mitigate your security risks. Common VoIP attacks will be analyzed, discussed and countermeasures provided. All technical aspects of VoIP security including threats and vulnerabilities and protection mechanisms to secure signaling and media will be covered.

Duration: 3 days

VoIP Security Training | Voice over IP Security Training Related Courses

Customize It

• If you are familiar with some aspects of VoIP Security Training, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the VoIP Security Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the VoIP Security Training course in manner understandable to lay audiences.

Audience / Target Group

The target audience for this VoIP Security Training course is defined here:

• IT managers, network engineers, telecom managers, security managers, IT auditors, project managers, analysts, security engineers, security administrators, or any technical professional working with or planning to work with commercial and government based VoIP technologies including: Security professionals, incident handling teams, penetration testers, auditors, network security planning teams, network administrators, IT and telecom engineers, and IT security management. This VoIP Security Training course is also beneficial for the homeland security community, DoD and crime prevention/investigation officers.

Objectives:

After completing this VoIP Security Training course, attendees will be able to:

• Understand VoIP
• Learn VoIP security issues
• Identify VoIP security features
• Understand the threats and security holes with VoIP call control protocols H.323, SIP, and MGCP
• Identify SIP Security Features and learn how to configure and administer those features
• Learn H.323 security issues including Port usage risk, firewall inspection, and NAT configurations
• Examine VoIP best practices to support risk mitigation
• Examine VoIP management tools and best practices to support risk mitigation
• Learn how NAT and Firewalls impact call setup, media streams, latency, and application level gateway
• Understand SIP NAT Traversal
• Examine how to overcome NAT issues using STUN, TURN, and ICE
• Examine cryptographic protocols, Datagram Transport Layer Security (DTLS) protocol, Secure Real-time Transport Protocol (SRTP) protocol and Session Description Protocol Security Descriptions (SDES) protocol

VoIP Security Training - Course Syllabus:

Overview of Voice over IP (VoIP)

Traditional Telephony Systems
VoIP network architecture
VoIP protocols
VoIP signaling, media and supporting protocols
RTP, RTCP, SIP, H.323, MGCP, MEGACO/H.248
VoIP support protocols
DNS, DHCP, NTP, HTTP, SNMP, and TFTP
VoIP proprietary protocols
Cisco Skinny (SCCP), IAX2, and Skype
VoIP media protocols
RTP and RTCP
RTP/RTCP message format
VoIP Security Threat Overview
Voice Network Designs
VPN (Virtual Private Networks) and VoIP
Types of attacks
Denial of Service (DOS)
TCP/IP insecurity
Eavesdropping
Sniffing/Snooping/Wiretapping
Quality of Service Issues
Quality of Service Implications for Security
Best Practices

VoIP security issues

VOIP Risks, Threats, and Vulnerabilities
Confidentiality and Privacy
Integrity Issues
Availability and Denial of Service
VoIP Issues with Firewalls & NAT
Proxy Servers
H.323 Security Issues
Encryption Issues and Performance
Existing Security Features within the SIP Protocol
Authentication of Signaling Data using HTTP Digest Authentication
S/MIME Usage within SIP
Confidentiality of Media Data
TLS usage within SIP
IPSEC usage within SIP
Security Enhancements for SIP
SIP Security Issues
Gateway Decomposition
MGCP/MEGACO
Security Considerations
Overcoming NAT Issues
NAT/Firewall traversal
VoIP scenarios through protocols like STUN, TURN or ICE, or security gateways
Application-Layer Gateways (ALG’s)
Session Border Controllers (SBC’s)

Secure VoIP protocols

VLANs, port security controls, and 802.1x/EAP
SIP MD5 authentication, Secure SIP (SIPS or SIP/TLS)
SIP over DTLS, S/MIME
SIP over IPSec, and SIP identity
Media protocols
SRTP, SDES, secure call recording, and RTP over IPSec
Key-exchange protocols
MIKEY, Descriptions, ZRTP, and DTLS-SRTP
Man-in-the-Middle (MitM), port scanning, and banner grabbing
ARP spoofing and MitM attacks
VoIP signaling attacks: (SIP-based)
VoIP Media Attacks: (RTP-based)
RTP eavesdropping
Voice conversations and DTMF tones
RTP recording
RTP manipulation
Replacing, inserting, and mixing audio in standard and MitM scenarios
Signaling plane
Call setup and tear down
Gateways and endpoints
Management plane

Dealing with Attacks

Integrity, Confidentiality, Authentication and Non-repudiation
Eavesdropping
Jamming
Active modification
Toll stealing
DoS/DDoS Attacks
Attack Mitigation
Unauthorized Access
Toll Fraud
DoS and DDoS
IP Spoofing
Packet Sniffers – Interception and mitigation
Caller Identity Spoofing
Repudiation
Application Layer Attack Mitigation
Secure VoIP protocols
DTLS, S/MIME, SIP over IPSec, and SIP identity
VoIP supporting infrastructure
VoIP-related overview, attacks and countermeasures for DNS, DHCP, TFTP, HTTP, SNMP, ARP

Firewalls, Address Translation, and Call Establishment

Firewalls
Stateful Firewalls
VOIP specific Firewall Needs
Network Address Translation
Firewalls, NATs, and VOIP Issues
Incoming Calls
Effects on QoS
Firewalls and NATs
Call Setup Considerations with NATs and Firewalls
Application Level Gateways
Middlebox Solutions
Session Border Controllers
Mechanisms to solve the NAT problem
VPN and Firewalls
Dynamic Port Assignment

VoIP Network Security Design

VoIP Security Issues
Sources of Attacks
Sources of attacks
Types of attacks
Message Integrity
Mitigate security threats
Operating System Level Security
Authentication
Operating System Security
Network Access Security
Stateful Firewalls
Application Security
Physical Security
Hardware Access
Biometrics
Human Engineering
Tools
Low Level Security
Network Access Security
Application Security
Physical Security
Protocol Security
Attack Mitigation

Overview of Cryptographic Protocols

Secure Sockets Layer (SSL)
Public keys and private keys
SSL Certificates
Protection for confidential data
Transport Layer Security (TLS)
Symmetric cryptography for privacy
Keyed message authentication code for message reliability
Cryptographic Attributes
HMAC and the Pseudorandom Function
Application Data Protocol

Encryption & IPSEC

IPsec
The Role of IPsec in VOIP
Local VPN Tunnels
Difficulties Arising from VOIPsec
Encryption / Decryption Latency
Scheduling and the Lack of QoS in the Crypto-Engine
Expanded Packet Size
IPsec and NAT Incompatibility
Solutions to the VOIPsec Issues
Encryption at the End Points
Secure Real Time Protocol (SRTP)
Key Management for SRTP – MIKEY
Better Scheduling Schemes
Compression of Packet Size
Resolving NAT/IPsec Incompatibilities
Planning for VOIP Deployment

SIP NAT Traversal

SIP NAT Traversal
One-Way Voice Results
Full Cone NAT
IP Address Restricted NAT
Port Restricted NAT
Symmetric NAT
Simple Traversal of UDP through NATs
Traversal Using Relay NAT
NAT with Embedded SIP Proxy

Overview of STUN (Session Traversal Utilities for NAT)

Session Traversal Utilities for NAT (STUN) Protocol
Issues of video and voice applications and NAT
STUN as a client-server protocol
RFC 3489 and RFC 5389
STUN Message Structure
FINGERPRINT Mechanism
Authentication and Message-Integrity Mechanisms
STUN Usages
STUN Attributes
STUN Security Considerations
Attacks against the Protocol
Attacks Affecting the Usage
Current state

Overview of TURN (Traversal Using Relay NAT)

Relay Extensions to Session Traversal Utilities for NAT (STUN)
RFC 5766
Simple example of what TURN does
Similar Techniques
Potential issues
Technical details
Packet format
Example of connection using TURN
Current state

Datagram Transport Layer Security (DTLS) protocol

Overview of DTLS
Loss-Insensitive Messaging
Providing Reliability for Handshake
Differences from TLS
The DTLS Handshake Protocol
Security Considerations
Secure Real-time Transport Protocol (SRTP) protocol
SRTP Framework
SRTP Cryptographic Contexts
SRTP Packet Processing
Secure RTCP
Pre-Defined Cryptographic Transforms
Encryption
AES in Counter Mode
AES in f8-mode
NULL Cipher
Message Authentication and Integrity
HMAC-SHA1
Key Derivation
Key Derivation Algorithm
SRTCP Key Derivation
AES-CM PRF
Default and mandatory-to-implement Transforms
Encryption: AES-CM and NULL
Message Authentication/Integrity: HMAC-SHA1
Key Derivation: AES-CM PRF

Session Description Protocol Security Descriptions (SDES) protocol

Keys in the SDP attachment of a SIP message
Using TLS transport layer or S/MIME
SDP Crypto Attribute and Parameters
General Use of the crypto Attribute
SRTP Security Descriptions
SRTP Key Parameter
Crypto-Suites
AES_CM_128_HMAC_SHA1_80
AES_CM_128_HMAC_SHA1_32
F8_128_HMAC_SHA1_80
Session Parameters
SRTP Crypto Context Initialization
SRTP-Specific Use of the Crypto Attribute

VoIP Security and Audit Policies

Policy Creation
Policy Conformance
Incident Handling
Auditing Standards and Certifications
Basic Auditing and Assessing Strategies
The Six-Step Audit Process

Request More Information

Time Frame: 0-3 Months4-12 Months

No Comments Yet.

Leave a comment

0