VoIPshield has been working with major VoIP vendors since last December. Following the terms of their Responsible Disclosure Policy, VoIPshield provided all of the VoIP vendors with detailed vulnerability descriptions and enough time to reproduce and respond to them. Different vendors responded in different ways – some of them accused VoIPshield of grandstanding, self-promotion and skirting the boundaries of ethical disclosure. But others, specifically Cisco Systems, responded in a professional manner and acknowledged the issues and is working with VoIPshield to resolve them.
There are over 1.2 billion landline and over 2 billion wireless phones (there are less than 1 billion PCs). They are all converging on common VoIP network infrastructure and becoming part of the Internet. But as we have seen in the early days of the Internet, security problems are being downplayed or outright ignored. Vendors are rushing to market with new applications and devices without proper security. Users are, in most cases, not aware that their new voice infrastructure brings serious security problems and exposures. There are simple ways of quickly assessing the security of VoIP networks, for example, by using VoIP Vulnerability Assessment tools such as VoIPauditLite, which VoIPshield makes available as a free download. And if you want to protect your VoIP infrastructure from these attacks, you may wish to think about deploying a VoIP Intrusion Prevention System (VIPS) such as VoIPguard. View VoIP Security Resources:
Identified VoIP Vulnerability Database | |
VoIP Security Industry Resources | |
VoIP Security White Papers | |
Learn About VoIP Security | |
View dramatization of hacking into a financial institution's VoIP telephony system and see just how vulnerable enterprise VoIP systems really are:
If YOU were a sales executive with a Cisco reseller, would YOU get FIRED for bringing up VoIP security with a potential VoIP enterprise customer?
Cisco Power Supplies Cisco Authorized Factory Refurbished List Pricing Cisco Repair and Hardware Troubleshooting |