engn Five WiFI VoIP security issues 14.02.2006
Startseite Eng engn Five WiFI VoIP security issues ...
Warning: include() [function.include]: Unable to access ../inc/db.php in /home/www/web347/html/eng/voip-news.php on line 5
Warning: include(../inc/db.php) [function.include]: failed to open stream: No such file or directory in /home/www/web347/html/eng/voip-news.php on line 5
Warning: include() [function.include]: Unable to access ../inc/db.php in /home/www/web347/html/eng/voip-news.php on line 5
Warning: include(../inc/db.php) [function.include]: failed to open stream: No such file or directory in /home/www/web347/html/eng/voip-news.php on line 5
Warning: include() [function.include]: Failed opening '../inc/db.php' for inclusion (include_path='.') in /home/www/web347/html/eng/voip-news.php on line 5
14.02.2006 , Five WiFI VoIP security issues
Widespread deployment equals a security headache:
Because of the "ubiquity of deployment" in many enterprises, attacks can spread quickly and be targeted to take down multiple devices at once. IT managers should stay up to the minute with phone upgrades, and consider running phones over a separate physical or virtual LAN as a defense against these attacks.
Many points of attack:
As the phones get more sophisicated, so could the points of entry for malicious attacks increase. Bluetooth, email, client Web browsers, SMS, WiFi, media players, and image viewers could open back doors for hackers. Though users can use open-source and commercial tools to continually test their phones and networks, they'll ultimately have to rely on vendors to do proactive testing on these devices.
"Some vendors may engage in this testing while the majority will not," warns Merdinger.
Targeting phones in public environments:
For example, a Bluetooth scanner could be hidden at the entrance to a major airport or train station and be used to grab user data. It may be best to keep Bluetooth and other wireless features swicthed off when not needed.
Rogue again:
Meanwhile, at the office and on the road, users and IT departments will have to keep their guard up and scan for rogue access points. Hackers will set up access points to specifically target WiFi phones in the corporate space as well as at hotels, conferences, and other places business people like to congregate. Good device authentication and encryption can help provide protection here.
Targeted attacks:
Targeted attacks on specific voice-over-wireless networks could also be an issue, albeit one that the victims may try to downplay. "There will be targeted attacks on VoIP networks [from hackers or competitors] that will be kept quiet if there is no legal requirement for disclosure or obvious public knowledge," Merdinger says.
Users, however, shouldn't get in a snit about VOIP calls that are often unencrypted and therefore easier to listen in on. Unless attackers are targeting a specific user, it is much simpler to find useful information sent by the user or held on the phone than to listen in on calls, even if you're the NSA.
by: http://www.unstrung.com/document.asp?doc_id=89180&WT.svl=news2_2
Because of the "ubiquity of deployment" in many enterprises, attacks can spread quickly and be targeted to take down multiple devices at once. IT managers should stay up to the minute with phone upgrades, and consider running phones over a separate physical or virtual LAN as a defense against these attacks.
Many points of attack:
As the phones get more sophisicated, so could the points of entry for malicious attacks increase. Bluetooth, email, client Web browsers, SMS, WiFi, media players, and image viewers could open back doors for hackers. Though users can use open-source and commercial tools to continually test their phones and networks, they'll ultimately have to rely on vendors to do proactive testing on these devices.
"Some vendors may engage in this testing while the majority will not," warns Merdinger.
Targeting phones in public environments:
For example, a Bluetooth scanner could be hidden at the entrance to a major airport or train station and be used to grab user data. It may be best to keep Bluetooth and other wireless features swicthed off when not needed.
Rogue again:
Meanwhile, at the office and on the road, users and IT departments will have to keep their guard up and scan for rogue access points. Hackers will set up access points to specifically target WiFi phones in the corporate space as well as at hotels, conferences, and other places business people like to congregate. Good device authentication and encryption can help provide protection here.
Targeted attacks:
Targeted attacks on specific voice-over-wireless networks could also be an issue, albeit one that the victims may try to downplay. "There will be targeted attacks on VoIP networks [from hackers or competitors] that will be kept quiet if there is no legal requirement for disclosure or obvious public knowledge," Merdinger says.
Users, however, shouldn't get in a snit about VOIP calls that are often unencrypted and therefore easier to listen in on. Unless attackers are targeting a specific user, it is much simpler to find useful information sent by the user or held on the phone than to listen in on calls, even if you're the NSA.
by: http://www.unstrung.com/document.asp?doc_id=89180&WT.svl=news2_2
Tipps der Redaktion für günstiges Surfen und Telefonieren
DSL-Geschwindigkeit mit bis zu 20.000 kbit/sDSL-Flat + Telefon-Flatrate ins dt. Festnetz + digitales TV
Nur 25€ im Monat (nicht deutschlandweit verfügbar)
DSL-Geschwindigkeit mit bis zu 16.000 kbit/sDSL-Flat + Telefon-Flatrate ins dt. Festnetz und 7 euro-Länder
Nur 24,95€ im Monat
DSL-Geschwindigkeit mit bis zu 16.000 kbit/sDSL-Flat + Telefon-Flatrate ins dt. Festnetz
Nur 25,50€ im Monat
