Book Review: Hacking VoIP

November 23, 2008
Ganadeva Bandyopadhyay

In a concise two hundred and eleven pages the author has attempted to cover the protocols, security threats and their countermeasures, audit issues related to Voice over Internet Protocol(VoIP). As outlined in the beginning of the book, the audience is the VoIP administrators and other related IT personnel tackling the nitty-gritties of implementation and day-to-day functioning VoIP in an enterprise network.

With a clear primary goal of discussing security exposures and their possible solutions, the book does a good job as it takes through a security specific discussion and labs on signaling via SIP(Session Initiation Protocol) and H.323. There are also discussions on security issues related to media layer as implemented via Real-time transport protocol and security issues for both signaling and media in Inter-Asterix eXchange(IAX).  

Some of the interesting topics in the book also include exploiting weaknesses in SNMP utilizing a tool such as GetIf and making free calls using VoIPBuster. The book ends with the topics on countermeasures and audit portions. Major approach presented is the ability to provide security at both the session and media layer.

With a focused audience and a clear goal, the book does justice for a technology moving towards maturity even as it finds a growing acceptance in the enterprise. Only one suggestion can be to include some more developments, solutions and techniques still not implemented in enterprise networks but having good scope.

In search of truth View Ganadeva Bandyopadhyay's profile on LinkedIn
eXTReMe Tracker
Keep reading for comments on this article and add some feedback of your own!

Comments! Feedback! Speak and be heard!

Comment on this article or leave feedback for the author

Add your comment

(Or ping:

Personal attacks are not allowed. Please read our comment policy.

Remember Name/URL?

Please preview your comment!