Hacking exposed : unified communications & VoIP security secrets & solutions
The latest techniques for averting UC disaster Establish a holistic security stance by learning to view your unified communications infrastructure through the eyes of the nefarious cyber-criminal. Hacking Exposed Unified Communications & VoIP , Second Edition offers thoroughly expanded coverage...
| Otros Autores: | , , |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
[Place of publication not identified]
McGraw Hill Education
2014
|
| Edición: | 1st edition |
| Colección: | Hacking Exposed
|
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009629517306719 |
Tabla de Contenidos:
- Cover
- Title Page
- Copyright Page
- Contents
- Acknowledgments
- Introduction
- Part I: Casing the Establishment
- Case Study: Is There Really Any SIP in the Internet?
- Scanning the Entire Internet for SIP Servers
- Using the Shodan Search Engine to Locate Internet SIP Servers
- 1 VoIP Targets, Threats, and Components
- Campus/Internal UC
- Session Initiation Protocol and SIP Trunk Threats
- Increased Threats from the Public Voice Network
- Hosted UC
- Summary
- References
- 2 Footprinting a UC Network
- Why Footprint First?
- UC Footprinting Methodology
- Summary
- References
- 3 Scanning a UC Network
- Our VoIP Test Bed
- Network Host/Device Discovery
- Port Scanning and Service Discovery
- Host/Device Identification
- UC Phone Scanning and Discovery
- Summary
- References
- 4 Enumerating a UC Network
- SIP 101
- RTP 101
- Banner Grabbing
- SIP User/Extension Enumeration
- Enumeration of Other UC Support Services
- UC Application-Level Enumeration
- Summary
- References
- Part II: Application Attacks
- Case Study: A Real-world Telephony Denial of Service (TDoS) Attack
- The Payday Loan Scam
- 5 Toll Fraud and Service Abuse
- Internal Abuse of Unmonitored Phones
- Full-Scale Toll Fraud
- Summary
- References
- 6 Calling Number Spoofing
- Calling Number 101
- Spoofing/Masking the Calling Number with an IP PBX
- Anonymous Calling
- Network Services and Smartphone Apps
- Summary
- References
- 7 Harassing Calls and Telephony Denial of Service (TDoS)
- Harassing and Threatening Calls
- Social Networking TDoS
- Automated TDoS
- Call Pumping
- DTMF DoS and Fuzzing
- Summary
- References
- 8 Voice SPAM
- Understanding Voice SPAM
- Summary
- References
- 9 Voice Social Engineering and Voice Phishing
- Voice Social Engineering
- Voice Phishing
- Summary
- References.
- Part III: Exploiting the UC Network
- Case Study: The Angry Ex-Employee
- 10 UC Network Eavesdropping
- UC Privacy: What's at Risk
- First, Gain Access to the UC Traffic
- Now That We Have Access, Let's Sniff!
- Summary
- References
- 11 UC Interception and Modification
- ARP Poisoning
- Application-Level Interception Techniques
- Summary
- References
- 12 UC Network Infrastructure Denial of Service (DoS)
- Call and Session Quality
- What Are DoS and DDoS Attacks?
- Flooding Attacks
- Network Availability Attacks
- Supporting Infrastructure Attacks
- Summary
- References
- 13 Cisco Unified Communications Manager
- Introduction to the Basic Cisco UC Components
- Network Reconnaissance
- Exploiting the Network
- Summary
- References
- Part IV: UC Session and Application Hacking
- Case Study: An Attack Against Central SIP
- 14 Fuzzing, Flooding, and Disruption of Service
- Access to SIP and RTP
- What Is Fuzzing?
- Flooding
- Summary
- References
- 15 Signaling Manipulation
- Registration Manipulation
- Redirection Attacks
- Session Teardown
- SIP Phone Reboot
- Other Signaling Manipulation Tools
- Summary
- References
- 16 Audio and Video Manipulation
- Media Manipulation
- Media "Steganophony"
- Summary
- References
- 17 Emerging Technologies
- Other Enterprise UC Systems
- Over-the-Top (OTT)/Internet Softphone Applications
- Mobility and Smartphones
- Other Forms of Communications
- Bring Your Own Device (BYOD)
- The Cloud
- WebRTC
- Summary
- References
- Index.
