by Himanshu Dwivedi
October 2008, 232 pp.
Voice over Internet Protocol (VoIP) networks have freed users from the tyranny of big telecom, allowing people to make phone calls over the Internet at very low or no cost. But while VoIP is easy and cheap, it's notoriously lacking in security. With minimal effort, hackers can eavesdrop on conversations, disrupt phone calls, change caller IDs, insert unwanted audio into existing phone calls, and access sensitive information.
Hacking VoIP takes a dual approach to VoIP security, explaining its many security holes to hackers and administrators. If you're serious about security, and you either use or administer VoIP, you should know where VoIP's biggest weaknesses lie and how to shore up your security. And if your intellectual curiosity is leading you to explore the boundaries of VoIP, Hacking VoIP is your map and guidebook.
Hacking VoIP will introduce you to every aspect of VoIP security, both in home and enterprise implementations. You'll learn about popular security assessment tools, the inherent vulnerabilities of common hardware and software packages, and how to:
Whether you’re setting up and defending your VoIP network against attacks or just having sick fun testing the limits of VoIP networks, Hacking VoIP is your go-to source for every aspect of VoIP security and defense.
About the Author
Himanshu Dwivedi is a leading security expert and researcher. He has published four books, Hacking Exposed: Web 2.0 (McGraw-Hill), Securing Storage (Addison Wesley), Hacker's Challenge 3 (McGraw-Hill), and Implementing SSH (Wiley). A founder of iSEC Partners, Himanshu manages iSEC's product development and engineering, specialized security solutions, and the creation of security testing tools for customers.
Table of Contents
PART I: VoIP Protocols
PART II: VoIP Security Threats
PART III: Assess and Secure VoIP
View the detailed Table of Contents (PDF)
View the Index (PDF)(top)
"Hacking VoIP is a practical guide for evaluating and testing VoIP implementation in your enterprise. I liked the concept where the author focused just on 'upper scale' deployments, making the book perfect for the system administrators that are getting deeper into the world of securing VoIP."
"With VoIP rapidly proving to be a very cost-effective alternative to closed, proprietary network solutions, it is also shaping up to become the next white and black hacker battleground. Reading Himanshu's book supplies a meaningful education on the positive and negative opportunities that the technology can deliver developers, security professionals and users alike."
"With a focused audience and a clear goal, the book does justice to a technology moving towards maturity even as it finds a growing acceptance in the enterprise."
"I've never really thought about the subject and this book was a great introduction--not too light and a good read. I highly recommend it if you are remotely interested in the subject."
"The book provides a good background on the VoIP protocols themselves, and Dwivedi does an excellent job of explaining the weaknesses and exploits. VoIP admins should read this book and follow Dwivedi's advice to protect their VoIP environments."
"The content is . . . presented clearly with excellent wording and just enough detail to get me started."