VOIP & Telephony - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  VOIP & Telephony


VOIPs Cry: More Secure Data Nets



 By: Matthew Broersma
2004-06-10
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this VOIP & Telephony story.


  Table of Contents:
  1. VOIPs Cry: More Secure Data Nets
  2. ' Page Two '

Rate This Article:
Poor Best
VOIPs Cry: More Secure Data Nets
( Page 1 of 2 )

Security experts claim enterprise voice-over-IP systems can be made secure, but companies must first take basic steps to secure their data networks.LONDON—Enterprise voice-over-IP systems can be made reliable and secure, but to do it, many IT managers will have to do a lot more than theyre doing now, said security experts at this weeks VON Europe conference here.

Executives from Alcatel, Hewlett-Packard Co., Cisco Systems Inc. and security firm Codenomicon Ltd. agreed that voice running on a companys IP network is just like any other application, with the same kinds of vulnerabilities and similar processes for ensuring security. The problem, they said, is that many companies are not up to scratch on security best practices—a situation that may be acceptable for e-mail and Web systems, but that can only lead to trouble when voice comes into the picture.

"Switching to VOIP broadens the scope of what you have to worry about," said Cisco Technical Marketing Engineer Greg Moore. "It opens up all the problems that affect the Internet, including worms and denial-of-service attacks."

Enterprise IP telephony is distinct from "voice over the Internet" in that it almost always takes place over companies own managed data networks, and thus is insulated from the vagaries of the public network. For that reason enterprise VOIP systems are among the easiest to secure, after long-distance bypass systems, according to Alcatel Director of Security Research Francois Cosquer. More complex are residential systems and especially voice over the Internet, he said.

That said, many companies havent taken basic steps to secure their data networks, said Moore. "When they go to put voice on their network, the telecoms manager is like, No way are you putting my voice on your insecure network," he said.

The advent of VOIP means well-known exploits such as man-in-the-middle attacks can intercept not just e-mails, but voice conversations with customers or between executives, Moore said. Besides the run-of-the-mill e-mail worms, there will inevitably be viruses aimed specifically at VOIP systems—and even VOIP spam, warned Alcatels Cosquer.

Click here to read why VOIP & Telephony Center Editor Ellen Muraskin says enterprise VOIP is just as secure as traditional voice.

Then there are software vulnerabilities, an issue that cant be addressed by security protocols or standards, said Ari Takanen, chief executive of Codenomicon. "The problem of software quality is hard to solve. All software will have mistakes, and on the Internet everybody will be kicking it and punching it to find out what those mistakes are," he said. "If you know a vulnerability, you can disable that software from anywhere, at any time, repeatedly." The answer is third-party testing, Takanen said.

Resource Library:
Next page: Preventative steps.





  Reader Comments: VOIPs Cry: More Secure Data Nets
>>> Be the FIRST to comment on this article!
 


 
 
>>> More VOIP & Telephony Articles          >>> More By Matthew Broersma
 


x}ks㶲*Q3皢H=m-y3ciƙVi)S$I٣dϟ_n߸҃8wg4ЍFl|G޻$\8acr3c |{ޤ>w߽ !?F0Bo92t&-ĆY:'5=)G~W-âZPb٥v'Y̮gfV҈ gE)"t'dni_77^ۧ'77fٚY JdTYMUYsYڟ:gg:Rl3HkCp=['^=z?Zz>5t0V+JJgdZ6E$Y-r"//!}O}fr*GrI/o,o/K$Zȱn>@|Ӡd8r* ߱a^S;G7ۯrxxf=Mf #dLil.zh-Alo*Kh,ru&@S{~$] cκb.L2o<|JmR—U/(AM/- 5f>].Q#=^f A.r)i  6=aLT(\q_5 .΃pW9Q] K\MޢG <7ǛvW.~lzmXxX18*]ev␄`\ZԶ7j0676)CR J h2e8l ԰2nБ6_~ӁNӦI|J s65N< EC!` ڴb\f4!>F&MЀa;Ah>[W `2Vs)wdm˴rBoڅRT眺_dI_f]jlȌ}>IVFg';oW fܤ|r*#wTB~*)dj~#J͸^`3h{q#%IAg =e河@d:[[I%7˺vx_No6y4 }g@xC dlK kZ1%/D4$B]`c.EGQHl - 686p#X}nP rQ '0F,-3^EVV j5^R5>m,!0(2@7$3QҖlxu:.CϱȧKs=: -`q˱3 lTNϣ)a!w1ZJoX*,b3)T$1Sbp=Pz˸Fq,X@XĞ]F\CǚO]Swa﬽1JWM!jFd>i '[HF{>8`Tf le82-0|{;Hy&ofJPT$P/#Y- Uȱ,!26[5{N`WK)KӞ@#@:*CT c"D8rj_Ǝ< ?\ug>:F} `'pnKtāhͰh8`]zq$\٭S,* xH1Mxg٧O䱯1ۉi0@q_8R"X @54 y } " L19J+b*[8 Utn) FvjIM-"P/?ˇ%1$46 =A,Ca&:`BE Ms8-!y@{yλWԴG+%5b34JmFt)DY-z]-Sb_@ԕBVTkkiyE0Tfv1FcwĉjY V~ q?x^=}e,}P\_6c}EfH^ab2UgY@o& voՆ'yq̤ͬ|=N-gf~xk jLsE)$xUr}s\&q7F /hwy<ꊪ`xL4J$F؜A]o^c/w2=2۠OFvX2Fw(pZ&<=̕[ c >L=;L4G;.E;["qDdkŎrP=(RPc0:]bW`;D`wϨx3v.bCYVU,nAEj `3o?f/$NM.j:~*` H~'+jP`MSkZ%$: ?>wdΥ,j+BGI}/[&Io%;W>W\qѿ"ϟn`>;J@ r;~O;a.riQ@J|@t0\'*BxX8YHX9H(P8Yx#L!6xLRs?A`?q=<9^K(܈ ȰLty'Vqm?&;%u.p-z U>6 `i8~{L(c׆?{%s%u\nxm}-od~؞D4lre}J|I{ѽᯛU[J:^;OjtK͋#ȃ!yN/͛-ͦ5Bk;d4)H3p\#s#VDH]h!M}Ù9I.Dz=aXUcgܰTtx-ͣ ;coEw~}k`!d LZc  @RPOh[#ZEsqZgp6"[ B X1 1uJ1 _RJMQ=#_ijV{L9/PINQ):(9Q{_a8Kѷo%Aߐ>1K7xEdW(khL:bkZ;DdNlp j_tzaESrfFv4/%/pCZi}z{D&aP;D3pu*"Ehwl)~r/-{xoC?O.yrQD_InM|0uOtdkX /'yT7N{m^X fC\fo?c_; ?--8 砞CzR+dc: M"I^QԼڭUdE)IW=ۋ^oK9zXK1@7YM (fެyi99Q3-|c1-?i_gpwߵ z i}E)]K5"vًK*qǛyuQZȓGDK`!i>R{+!bi4W3[TdO#@/-Vɼci|62> ACXؙqbLpܓPfpyn ֔E3q#ĠHߛsEs 5DN Xw+iƿ'!ʋIVܱS,*Oo+N{kE|;̔-u\ K-_U_r _? P߅M{fv+ ~=nɸ!E'ͶxLL>'3p6=xfEgLLt 8*dZ_BNO?>ymү_i㷄Sg as&Pkc\R+Oqnb32j'ڐS 3)]~Lȅ71-!q|&v{ \s n \W&"r>yB<Ƕ\N*wURI9||- bOε2`ҥɒJUDTfe X44UPҶZ|ƀ:/"Ώݤǖ8/!^ z*:ZlKRml_1Gƚ,TPvK>7c0j)ѵ|cc%zm٤XĨdiH^~a@`.]hs؛9>_\0}7(8[h$v@8^ߙ2)ڕǴډjRr&Vt>h`~|'JİHpXWlM"زNSBlmT_\iT:,N6Xd;xUFePH (2([GmInw]:nb;Vsȼk"B? ~s ~s ~s ~s ~}b 4\X_=edAIڽrģ)Lj^gNҢHX$_n`"-ju&R?.ǵے7xҏ2[6lZ@{mSrؙ: eZ,ݏH|&,zR^&1$!i=y WFHإ\R|..JrץvmХfPsI%-(VA8m}焥$%J hfK*48O$s$rTq3x`R:A/sėRPq%ЅgE{!%25~K|6j/u쑧aO xN5 *}lIMwtm1C,faYL)wg!?@Msq 楗zIЦiVE2} @tA0T(i輆mW6D0AY0I ο%psjKoj/E:,˗FcjS0B0<:fR`^iXeSmEƮ-yEKEy7777+Kkꦃ0hwO D/Z Y1[o&$+[9#q X[ݎ+w ' >nhęY\/iCgiKLR 5ޚ_*Zoj{9}&Cķ¶MI\qvpIr\?eIΈ{NhJ:>a 6daW3B;x3U^ߗ>ӞR4 u-06cj$L xTC,QkdmY5zRV;Ⱦ~F# :,^>mqml[k{buXXȤ0/ԡ^3hN oNijj(Gnycz_KtdKĮc1(A!'cI.׺|{Y/ 35eI'@cyG1rWa=f$%?[^m(ޠjDW{{P/߃s<즎E"̀6g궷A(+Cm`:d;6_LHJ~Pmc/@m:$ U=0VEQ^z\&UQ׷V[#fyV{mV)KjNLneh>[)y#W/%4Sؘ bM$487o WS&e<},~YfM#R n"-'j z`{Sx417(j>a3?}gոpk{Qm`2^Ӳ뿓$y3g1fI,S$&pP]}zUc]c*c\aLW槚9莻gCQ{cj q"o(" j`ڀ _ffZP_hslk`ΐ[?Cb$2"Mv?C* 2N2ŗOYl /TLqӬfo!_`n3廻y+/1q,(Ga((+3u@K5OaQM:'6[O<7Ņ%+xܱ{-ē~*~O5JAk('>?E7J.U6ZG) nbb+n\*6M BaD0‡qaBXE7m8ѵADr vqPrBYm2?1we1i}(fyB4쒞ĸWܚ"9IHVTkY+ ,5 i5+cZrF,?tUHE V./> ?QX2.G6Ë/-IyoYK>qNfAfQȢiw \f9HV jqzz_ZbiiE.c 2u5WHk̘xjvlMz yԥBMDnEwTCRfxOu lN󴮘#Vi<7M8Vi6v&*m'ֻhzBR[o^;C'ܬDIg '7g^E[TvXh 104;$r `XKx6_j<\πTnA4`C"gR%26VV߱Z,Jvw(k1E7}yJM-TZIܣz iî'=vyAȍJ.Ks̗v9Xiec>Hy)ހyJ Ys4a=2'}sJ%.agN$(cXLaz/;K' pv|w\׻9Q"mx8F^$h@Ja󽻴m%5Dh#s-vH[5A\N{3EJMh>#Ծ7=ǎ~9~$jsa s-;K]Zd3+n{lˊRMȶ<.NS)q:ɹfke9\.#V¯R^fVܞVkWTl?`hîY_ŌVR>fF5mF4ƿJ< E 9)o XTp— :{bR=P[ )8'7/|T3/b=#-Ѩ#=a< z̥7b{@\wr q,-D||FH?K1+2sjD /uh߶ rվ]M=<zsgD&8 xwM5q+ `H0|{Go5$.+Ja S'#[:K[J>{φ\o|I7[>BYs4pLzUpX(b#s~! g6L- DƤ"c*4FJ[!}s MǤۭpx ;YC) Q?cG3%xHbx&My ֭[Ӧ, 㥶NxcZ|"GX#&3(+9Fx_k~ 7{~H-*y`qY@y+LD͂`Ax~L#[C P/MF>i3 VOi0qsXc# .E.Ӈ;a8=<ɭs6N$%~6t0^-tV#?jKg0Y.89P0(-ŌC 5Z(OBVBBve &F([=7) ;ke5 #M蕴BN)^ȈY40u>'}7cgrֽ!MrvnǓM^E_¾V-J-=et[Oן:WU?83=X1(Ky2/*vg(P]5/NQʩŢksYx9% Ew<U;Mj*^m^;^dB7P~ (By794h3Ot},>a3#\_~5;;\(u2ƇUF91\C/3^_~/2j׸̘K2K{AKe}. /?/32?QF22ϡ<PK((ʘ+ ʘ.1.n~fk on22  忬/1>ArS~~2w Y{ f wɵN2!(ofY7NO\8'\$_Y OY尅:(? }V)@yN lc3\)e{9;[?[vOBX\Jzp+Wg޲i5~iAm<{} yW V`˼r4ęG_A)q. gل@C؞{#uO wOʻϝ!i҇>re5mνU}ӉFZ=Ś|=هQV+0N`}pW}sռ\7߷C{6'Ku}MoNDB$p g;w0d/~y$_ Kȝ `7Lx ~2'ikm}s&1{;sh.ZԿsg:Cc(.0πė%>f2 mZ޳Zo/TrY:q&р%Ux+WVX#e 6i Z(5:XzU}>1qN@3.tf K1P EY:u:Y{N6\$%4-ϫ΢R%%i{j9.KPRJVm.Q ?rfo]mM~@ăHv!$kDx/bz`#Y ւ_/gwd&%}YQ \)Jqk+yGRݠ#K7"i³oPm <%*`>=nX">xEE`"sv3l]@_vܥiLUhHl;rS_<ԼmQ޺%76x}°҄ O1K;pY .Ыvl>cy Lw}xs_DJnvo Oop-d9m<` G6J$߂)04o 9@/7A{nJ F Oɮy@FC0!Zi},KEt%(Xp^GA֮js;>Ba1\DGx kok3gzϷ{<=v7sgC'+_2ҵEnBVJr}P/)OrLgsZ %. _Hv"]k,{ QAbfA8utvAѪv"60^YwKRl@ swS a \NXeNܔ1uF.E]khT[_ )**M 9/u3p߼v®"vyA4gXIڙBX<ٰ>|p+o=Љe{4^ζp2$82K>as1jVI6{{a0&|iE-㨤t`C v_Ήqph;?2>A wvǰY2!&ۅ7O80Ux|-h\s{M_;9LgѼ:"?X9<҇d'KWܱ v:7=wKF \味<ACWq @cĵ6y8L] 9l!j1Bi6eY1bR&0W_AsLe]TtCBYE="VKjMΡmjpQ! acTx 1L(V,Yדu!.xBG,?ɋ|P byx ^ŗ$NSX?|T+O 70K+ Sa%l|^k/o?XY/5/;xH%D=C ؛ggq^vXvQ;J=Vju'+=={`o73g|oUAF]Q+j5Nbi~ۊX#iQgrH ZqlN~늘p5J,?-5MR"GZi/%!zRզr0~=̭MӃ/2a-dƆHkcka1Բ|LDȿ&