找回密码
 注册
搜索
热搜: java php web
查看: 556|回复: 0

Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures

[复制链接]
发表于 2009-9-8 15:44:34 | 显示全部楼层 |阅读模式


作者:Peter Thermos, Ari Takanen
出版日期:August 11, 2007
出版社:Addison Wesley
页数:384
ISBN:ISBN-10: 0321437349 ISBN-13: 978-0321437341
文件格式:PDF


Product Description
In Securing VoIP Networks, two leadingexperts systematically review the security risks and vulnerabilitiesassociated with VoIP networks and offer proven, detailedrecommendations for securing them. Drawing on case studies from theirown fieldwork, the authors address VoIP security from the perspectiveof real-world network implementers, managers, and security specialists.The authors identify key threats to VoIP networks, includingeavesdropping, unauthorized access, denial of service, masquerading,and fraud; and review vulnerabilities in protocol design, networkarchitecture, software, and system configuration that place networks atrisk. They discuss the advantages and tradeoffs associated withprotection mechanisms built into SIP, SRTP, and other VoIP protocols;and review key management solutions such as MIKEY and ZRTP. Next, theypresent a complete security framework for enterprise VoIP networks, andprovide detailed architectural guidance for both service providers andenterprise users.

1       Introduction
2       VoIP Architectures and Protocols
3       Threats and Attacks
4       VoIP Vulnerabilites
5       Signaling Protection Mechanisms
6       Media Protection Mechanisms
7       Key Management Mechanisms
8       VoIP and Network Security Controls
9       A Security Framework for Enterprise VoIP Networks
10     Provider Architectures and Security
11     Enterprise Architectures and Security
About the Author
Peter Thermos is CTO of Palindrome Technologies, which provides information
security consulting services to government and commercial organizations.
Peter started his career at Bellcore (now Telcordia) as a member of the technical
staff and later as a principal technical expert on key information security and
assurance tasks. He is a frequent speaker at conferences and industry forums
including the IEEE, MIS, IEC, ISACA, VON, and others. Peter is also known
for his contributions to the security community for discovering software
vulnerabilities, the release of SiVuS (The First VoIP Vulnerability Scanner)
and the vopsecurity.org Forum. Peter holds a Masters Degree in Computer
Science from Columbia University where he is currently furthering his
graduate studies.

Ari Takanen is founder and CTO of Codenomicon. Since 1998, Ari has
focused on information security issues in next-generation networks and security
critical environments. He began at Oulu University Secure Programming Group
(OUSPG) as a contributing member to PROTOS research that studied information
security and reliability errors in WAP, SNMP, LDAP, and VoIP implementations.
Ari and his company, Codenomicon Ltd. provide and commercialize automated
tools using a systematic approach to test a multitude of interfaces on mission-critical
software, VoIP platforms, Internet-routing infrastructure, and 3G devices.
Codenomicon and the University of Oulu aim to ensure new technologies are
accepted by the general public, by providing means of measuring and ensuring
quality in networked software. Ari has been speaking at numerous security and
testing conferences on four continents and has been invited to speak at leading
universities and international corporations.

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有账号?注册

×
您需要登录后才可以回帖 登录 | 注册

本版积分规则

Archiver|手机版|小黑屋|软晨网(RuanChen.com)

GMT+8, 2024-11-26 00:26

Powered by Discuz! X3.5

Copyright © 2001-2023 Tencent Cloud.

快速回复 返回顶部 返回列表