Something Old (H.323), Something New (IAX), Something Hollow (Security), And Something Blue (VoIP Administrators) presented at Blackhat USA 2007

by Himanshu Dwivedi

Tags: Security Testing

Summary: The presentation will discuss the
security issues, attacks, and exploits against two VoIP protocols,
including IAX (a newer protocol) and H.323 (an existing VoIP protocol).
H.323 is a well known technology; however, its security issues are not
well publicized. While previous VoIP presentations and/or whitepapers
discuss SIP security extensively, much is left to be desired about H.323
security content and attack tools. Despite the fact that H.323 is the most
dominant VoIP session-setup protocol used in enterprise environments, it
has not been given adequate attention in terms of security. The
presentation will cover specific security attacks targeting H.323
authentication weaknesses, replay attacks, endpoint spoofing (E.164
alias), hopping attacks, and a slew of DoS attacks that can be
executed with a few UDP packets. The presentation will also include a
demonstration of a new tool for H.323 security testing
(H.323-me-ASAP.exe), which will be released at the conference.