After learning about the basic VoIP protocols, it's a good idea to familiarize yourself with their security weaknesses. H.323
Requires Membership to View
To gain access to this and all member only content, please provide the following information:
By submitting your registration information to SearchNetworkingChannel.com you agree to receive email communications from the TechTarget network of sites, and/or third party content providers that have relationships with TechTarget, based on your topic interests and activity, including updates on new content, event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile, unsubscribing via email or by contacting us here
- Your use of SearchNetworkingChannel.com is governed by our Terms of Use
- We designed our Privacy Policy to provide you with important disclosures about how we collect and use your registration and other information. We encourage you to read the Privacy Policy, and to use it to help make informed decisions.
- If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States.
and SIP, the two main protocols used by VoIP hardware, are both plagued with security issues that network consultants and systems integrators should be aware of when working with their customers. This tip examines some of these inherent weaknesses.
VoIP protocol insecurity
SIP and H.323 have both been plagued by security issues. SIP because of its simplicity and H.323 in spite of its broader design parameters. To be fair, many other Internet protocols are vulnerable to spoofing or buffer overflows. But given the high availability associated with the public switched telephone network, companies moving to VoIP may be more sensitive to these threats. Furthermore, as RFC 3261 acknowledges, "SIP is not an easy protocol to secure. Its use of intermediaries, its multi-faceted trust relationships, its expected usage between elements with no trust at all and its user-to-user operation make security far from trivial."
Learn more about the vulnerabilities of H.323 and SIP.
Get more information on VoIP protocols.
This was first published in December 2006