Original title:
Metody zabezpečení IP PBX proti útokům a testování odolnosti
Translated title:
Securing IP PBX against attacks and resistance testing
Authors:
Kakvic, Martin ; Šedý, Jakub (referee) ; Šilhavý, Pavel (advisor) Document type: Master’s theses
Year:
2014
Language:
cze Publisher:
Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií Abstract:
[cze][eng]
Táto diplomová práca sa zaoberá problematikou zabezpečenia PBX ústrední Asterisk, FreeSwitch a Yate v LTS verziách. V práci boli vykonané dva typy útokov, a to útok na dostupnosť služby a útok na ukončenie relácie medzi užívateľmi. Útoky boli realizované pri použití dvoch rôznych protokolov, a to SIP a IAX. Pri útoku na dostupnosť služby bolo monitorované vyťaženie procesora, zisťované či je možné vytvoriť hovor a či je možný priebeh hovoru. Zabezpečenie ústrední bolo riešené na dvoch úrovniach. Ako prvá úroveň zabezpečenia bol použitý linuxový firewall netfilter. Druhá úroveň zabezpčenia, resp. zabezepčenie na úrovni ústredne bolo riešené pomocou protokolov TLS a SRTP.
This diploma thesis focuses on attacks on PBX Asterisk, FreeSWITCH and Yate in LTS versions. In this work was carried out two types of attacks, including an attack DoS and the attack Teardown. These attacks were carried out using two different protocols, SIP and IAX. During the denial of service attack was monitored CPU usage and detected if its possible to establish call and whether if call can be processed. The Security of PBX was build on two levels. As a first level of security there was used linux based firewall netfilter. The second level of security was ensured with protocols TLS and SRTP.
Keywords:
Asterisk; DoS; FreeSwitch; IAX; Iaxflood; Iptables; PBX; SIP; Sipp; SRTP; Teardown; TLS; Wireshark; Yate; Asterisk; DoS; FreeSwitch; IAX; Iaxflood; Iptables; PBX; SIP; Sipp; SRTP; Teardown; TLS; Wireshark; Yate
Institution: Brno University of Technology
(web)
Document availability information: Fulltext is available in the Brno University of Technology Digital Library. Original record: http://hdl.handle.net/11012/32917