VoIP Security

VoIP telephone systems are susceptible to the same type of attacks as are any Internet-connected devices. This means hackers who know about these vulnerabilities (such as insecure passwords) could compromise the security of your line by denial-of-service attacks, harvest customer data, record conversations and break into voice mailboxes. Another challenge is routing VoIP traffic through firewalls and network address translators. Private Session Border Controllers are used along with firewalls to enable VoIP calls to and from protected networks. For example, Skype uses a proprietary protocol to route calls through other Skype peers on the network, allowing it to traverse symmetric NATs and firewalls. Other methods to traverse NATs involve using protocols such as STUN or Interactive Connectivity Establishment (ICE). Many VoIP providers in Canada implement security on their servers but is good to be alert and ask when you are planning for your home phone alternative.

Many consumer VoIP solutions do not support encryption, although having a secure phone is much easier to implement with VoIP than traditional phone lines. As a result, it is relatively easy to eavesdrop on VoIP calls and even change their content. An attacker with a packet sniffer could intercept your VoIP calls if you are not on a secure VLAN. However, that would require physical access to your Home network or access to your VoIP provider – also the security of the facility security provided by ISPs make packet capture less of a problem than originally foreseen. Further research has shown that tapping into a fiber optic network without detection is difficult if not impossible. This means that once a voice packet is within the Internet backbone it is relatively safe from interception.

There are open source solutions, such as Wireshark, that facilitate sniffing of VoIP conversations. Securing the content of conversations from malicious observers requires encryption and cryptographic authentication which is sometimes difficult to find at a consumer level. The existing security standard Secure Real-time Transport Protocol (SRTP) and the new ZRTP protocol are available on Analog Telephone Adapters (ATA) as well as various soft-phones. It is possible to use IPsec to secure P2P VoIP by using opportunistic encryption.

Should be noted VOIP providers have been the targeted of hackers; which may turn into a Denial of Service for VOIP subscribers or in other cases spoofing the identity to make unauthorized calls. As the utilization of VOIP is widespread reputable and security conscious providers are increasingly investing to detect and deter such threats.

Minimizing risks
VoIP communications offer great value and come with many features specially fit for today’s needs and ideal for Home Phone Alternative – just make sure to deploy it by taking these precautions:

Secure your equipment: Select VoIP equipment that uses current wireless security standards such as WiFi Protected Access (WPA), WPA2, and IEEE 802.11i. Avoid relying on Wired Equivalent Privacy (WEP) security – it’s an older and less secure technology.

Authentication and encryption: Turn on any authentication and/or encryption features available with your VoIP system. This will help keep unauthorized people out of your network and ensure privacy for your calls. WPA, WPA2 and IEEE 802.11i devices all come equipped with advanced encryption and authentication technology.

VoIP firewall: Use a firewall specially designed for VoIP traffic. The firewall will identify unusual calling patterns and monitor for signs of attack.

Two Connections: If feasible, have a separate Internet connection for your VoIP line, so viruses or attacks threatening your data network will not affect your phone.

Up-to-date anti-virus: Use up-to-date antivirus and anti-spam technology on all of your internet devices.

Awareness: You can act as a solid line of defense by being on the lookout for strange activities on your VoIP line and by being familiar with techniques attackers use.

The Canadian Government also offers a good list of tips referred to VoIP utilization @ GetCyberSafe.ca