- Version [version]
- Download 32
- File Size 0.00 KB
- File Count 1
- Create Date May 3, 2013
- Last Updated May 3, 2013
1. VoIP Theft: Werewolf or Hydra?
Presented by Mark Lindsey, ECG.
The Bad Guys are stealing service from any VoIP service provider they can. The attacks come through several vectors, but typically they (a) discover SIP credentials, then do direct SIP registration; or (b) compromise a customer VoIP device, then route calls through it.
Many products and practices have sought to address the problem. While some powerful techniques have been produced, none of these are a silver bullet that stops the problem and allows the flexibility needed for modern, open VoIP Service Providers.
Nevertheless, a combination of techniques is making real progress. Based on experience at multiple major US VoIP service providers, we show that a particular combination of ingredients, when applied properly and in concert, neutralizes all of common attacks.
This talk presents the prevalent attack techniques, the combination we're having success with, the contribution of each element of protection, how the combination is working in practical service providers.