Skip Links

Network World

Patrick Park

Malformed Messages - Protocol Fuzzing

Submitted by papark on Sat, 02/21/09 - 7:18pm.

As part of VoIP threats series, I'd like to introduce Malformed Messages (or Protocol Fuzzing). An attacker may create and send malformed messages to the target server or client for the purpose of service interruption. A malformed message is a protocol message with wrong syntax. The following shows an example with a SIP INVITE message.

Read more

What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?

Call Flooding Attack

Submitted by papark on Wed, 02/11/09 - 3:32pm.

As part of VoIP threat series, I'd like to introduce "Call Flooding" which is the typical VoIP attack against availability (refer to previous blog "VoIP Threat Taxonomy" to know the category). Typically, An attacker floods valid or invalid heavy traffic (signals or media) to a target system (for example, VoIP server, client, and underlying infrastructure), and drops the performance significantly or breaks down the system. The methods of flooding are as follows:

Read more

What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?

VoIP Threat Taxonomy

Submitted by papark on Fri, 02/06/09 - 1:44pm.

There are so many different kinds of threats or attacks in VoIP world. Attackers may disrupt media service by flooding traffic, or collect privacy information by intercepting call, or make fraud calls by spoofing identities. Spammers may utilize VoIP networks to deliver spam calls, instant messages, or presence information, which are more effective than email spams because it is very difficult to filter VoIP spam. Anyway, there are many possible ways to categorize these threats. I would use four categories that most VoIP threats are belonging to:

Read more

What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?

VoIP Security Blog Introduction

Submitted by papark on Mon, 02/02/09 - 4:02pm.

Hi Everyone, I'm Patrick Park and about to write blogs about "VoIP Security". Let me introduce myself first. As a VoIP engineer, I've been working on product design, netwwork architecture design, testing and consulting last 12 years. Currently, I work for Cisco Systems focusing on network architecture and security for Telepresence system (high-definition, life-size video conferencing solution).

Read more

What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?
About VoIP Security by Patrick Park

Patrick Park, as a VoIP engineer, has been working on product design, network architecture design, testing, and consulting. He is an author of Voice over IP Security, published by Cisco Press. Currently, Patrick works for Cisco Systems focusing on network security and architecture for TelePresence system. He also worked for Covad Communicationsas a VoIP security engineer focusing on the design and deployment of secure network and lawful interception.

We have 15 copies of Voice over IP Security to give away. Go here to enter to win, and go here for a sneak peak of a chapter.

This blog is part of the Cisco Subnet blogging community.

 

Most Discussed Posts