We’ll be speaking at VoiceCon in San Francisco next week. On Monday, August 20 we teach a three hour long tutorial entitled IP Telephony Security Threats and Countermeasures. Here’s the agenda:
IP Telephony has already become a popular playground for attackers. This tutorial provides the latest information on security issues for IP Telephony implementations. The instructors are co-authors of the new book, Hacking Exposed: VOIP. The course will help you assess the potential dangers and identify the steps that can be taken to improve security. You will gain an appreciation for the nature of the security threats to IP-PBX gear and receive practical recommendations for how to handle threats. The tutorial covers how attacks are perpetrated against IP Telephony end users and operators, outlines the steps to take to protect both users/subscribers and the IP Telephony infrastructure, describes the relevant standards for improving IP Telephony security and looks at emerging issues and technologies.
On Tuesday August 21, we’ll both be in the panel entitled Preparing for the Inevitable: Voice-Oriented Attacks. Here’s the session description:
So far, the emphasis in VOIP security has been to protect the underlying IP network –rather than voice elements–from attacks. However, it’s only a matter of time before call-control servers and other voice network elements are targeted directly. This session will familiarize you with voice-oriented attacks and give you ammunition to help prevent–or contain–any damage.
- What are the most serious voice-oriented attacks being seen “in the wild?” Which have only appeared as hackers’ “proof of concept,” but could soon go live?
- What avenues are used to attack voice-specific infrastructure, and how do you protect these?
- What types of equipment and technologies must you implement to stop voice-oriented attacks?
- What specific kinds of damage can these attacks cause?
Please stop by and say hello!