|
|
Securing IP PBX against attacks and resistance testing
Kakvic, Martin ; Šedý, Jakub (referee) ; Šilhavý, Pavel (advisor)
This diploma thesis focuses on attacks on PBX Asterisk, FreeSWITCH and Yate in LTS versions. In this work was carried out two types of attacks, including an attack DoS and the attack Teardown. These attacks were carried out using two different protocols, SIP and IAX. During the denial of service attack was monitored CPU usage and detected if its possible to establish call and whether if call can be processed. The Security of PBX was build on two levels. As a first level of security there was used linux based firewall netfilter. The second level of security was ensured with protocols TLS and SRTP.
|
|
|
Design and Performance Analysis of Parallel Processing of SRTP Packets
Wozniak, Jan ; Zbořil, František (referee) ; Jurnečka, Peter (advisor)
Šifrování multimediálních datových přenosů v reálném čase je jednou z úloh telekomunikační infrastruktury pro dosažení nezbytné úrovně zabezpečení. Rychlost provedení šifrovacího algoritmu může hrát klíčovou roli ve velikosti zpoždění jednotlivých paketů a proto je tento úkol zajímavým z hlediska optimalizačních metod. Tato práce se zaměřuje na možnosti paralelizace zpracování SRTP pro účely telefonní ústředny s využitím OpenCL frameworku a následnou analýzu potenciálního zlepšení.
|
|
|
VoIP Security
Černý, Michal ; Číka, Petr (referee) ; Kovář, Petr (advisor)
Internet telephony becomes still more popular option to common telephone service. Reason may be it's price as well as availability. With growing popularity grows the risk of unauthorized use of transferred data too. There are several ways to secure VoIP communication. This bachelor's thesis talk about one of many, which is use of Secure RTP. There will be made it's implementation in the software telephone exchange Asterisk and tested functionality by trial talks and analysis of network traffic as well.
|
|
|
Implementation of Asterisk VoIP PBX
Schön, Martin ; Münster, Petr (referee) ; Szőcs, Juraj (advisor)
The thesis is divided into two parts, theoretical and practical. In theory, it analyzed the signaling protocols, the RTP protocol for data transmission, VoIP Asterisk PBX and security options. The practical part describes the installation of the Asterisk PBX, conducted demonstration call forwarding. PBX was associated with an LDAP directory server to manage users and ejabberd for text messaging protocol XMPP. It was configured translation SIP-Skype using the SiSky Gateway and with dialplan SIP-H.323 translation. The study was to develop Dialplan with IVR. It was measured bandwidth of the audio/video codecs in an encrypted/unencrypted connections.
|
|
|
Security of VoIP protocols
Novotný, František ; Číka, Petr (referee) ; Krajsa, Ondřej (advisor)
This bachelor dissertation deals with the VoIP (Voice over Internet Protocol) safety. The most used transport and signal protocols employing this technology are presented first. Two extended protocols, SIP (Session Initiation Protocol) and IAX (Inter-Asterisk eXchange Protocol), as well as open source Asterisk, which is closely connected with these protocols, are shown in detail. After that, methods, attacks and threats able to assure secure transfer in the use of VoIP among users are described. Afterwards the practical part of this essay, divided into two parts, is presented. In the first part, a passive attack in the form of tapping is demonstrated, and in the second, active attacks are described which take the form of forced cancellations and forwarded calls between two communicating users. With both attacks, safety measures that could effectively prevent against their potential attacking are proposed. In the closing part, the VoIP safety is evaluated for securing a quality connection between users communicating through it.
|
|
|
Security of real time multimedia data transmission
Otoupalík, Petr ; Koutný, Martin (referee) ; Hošek, Jiří (advisor)
This thesis deals with technology and security of real-time multimedia data transmission. The possibilities of the security of a multimedia data transfer and the mechanisms defined for the security of the signaling protocols SIP and H.323 are described with the view of security. The possible attacks on the real-time transfers are also mentioned. The basic requirements on the safe and reliable data transfer are specified. The main part of this thesis is focused on the security analysis of the data transmission of the selected communication clients, which use different security methods. The last part of the thesis deals with realization of simple attacks on multimedia data transmission and also on the SIP protocol.
|
|
|
Securing IP PBX against attacks
Hynek, Luboš ; Krajsa, Ondřej (referee) ; Šilhavý, Pavel (advisor)
This master project focuses on the possibilities of protecting the most common free software PBX Asterisk, FreeSWITCH and YATE. In practice, it was verified the behavior of PBX in the attacks and suggested protection against them on one of the most popular distributions of Linux server on CentOS. Tool was created to simulate several types of attacks targeting denial of service. Both protective options PBX themselves and operating system capabilities are used in this work. Comparison was also the possibility of protection of individual PBX with each other. It also includes a brief description of the protocol, topology attacks and recommendation for the operation of softswitches.
|
|
|
Implementation of Asterisk VoIP PBX
Schön, Martin ; Münster, Petr (referee) ; Szőcs, Juraj (advisor)
The thesis is divided into two parts, theoretical and practical. In theory, it analyzed the signaling protocols, the RTP protocol for data transmission, VoIP Asterisk PBX and security options. The practical part describes the installation of the Asterisk PBX, conducted demonstration call forwarding. PBX was associated with an LDAP directory server to manage users and ejabberd for text messaging protocol XMPP. It was configured translation SIP-Skype using the SiSky Gateway and with dialplan SIP-H.323 translation. The study was to develop Dialplan with IVR. It was measured bandwidth of the audio/video codecs in an encrypted/unencrypted connections.
|
|
|
Design and Performance Analysis of Parallel Processing of SRTP Packets
Wozniak, Jan ; Zbořil, František (referee) ; Jurnečka, Peter (advisor)
Šifrování multimediálních datových přenosů v reálném čase je jednou z úloh telekomunikační infrastruktury pro dosažení nezbytné úrovně zabezpečení. Rychlost provedení šifrovacího algoritmu může hrát klíčovou roli ve velikosti zpoždění jednotlivých paketů a proto je tento úkol zajímavým z hlediska optimalizačních metod. Tato práce se zaměřuje na možnosti paralelizace zpracování SRTP pro účely telefonní ústředny s využitím OpenCL frameworku a následnou analýzu potenciálního zlepšení.
|
|
|
Security of VoIP protocols
Novotný, František ; Číka, Petr (referee) ; Krajsa, Ondřej (advisor)
This bachelor dissertation deals with the VoIP (Voice over Internet Protocol) safety. The most used transport and signal protocols employing this technology are presented first. Two extended protocols, SIP (Session Initiation Protocol) and IAX (Inter-Asterisk eXchange Protocol), as well as open source Asterisk, which is closely connected with these protocols, are shown in detail. After that, methods, attacks and threats able to assure secure transfer in the use of VoIP among users are described. Afterwards the practical part of this essay, divided into two parts, is presented. In the first part, a passive attack in the form of tapping is demonstrated, and in the second, active attacks are described which take the form of forced cancellations and forwarded calls between two communicating users. With both attacks, safety measures that could effectively prevent against their potential attacking are proposed. In the closing part, the VoIP safety is evaluated for securing a quality connection between users communicating through it.
|
guest ::
