|
|
Protection of VoIP networks and their testing
Ulický, Ivan ; Sysel, Petr (oponent) ; Krajsa, Ondřej (vedoucí práce)
Main goal of creating this diploma thesis is existence of increasingly amount of potential threats against IP voice networks (VoIP). The thesis is devoted to testing of various types of attacks and provides some possible solutions for this systems as well. The work points out to a various types of current attacks against either insecure or very little secure structures. The theoretical part is dedicated to analyse and description of wide spectrum of VoIP protocols including signaling protocols (SIP, IAX2), transport protocols (RTP, RTCP) and security protocols (SRTP, ZRTP, IPsec, SDES). Further attention is dedicated to the one of possible open source IP PBX solutions called Asterisk. There is shown a variety of possible attacks against this system due to its openness, because open systems always tend to be more susceptible for various attacks as they need an advanced administration and endless need for searching of new trends in area of security. The last block of the theoretical part is focused on common threats and types of attacks against VoIP networks. The practical part is about design and creation of web application called ,,VoIP Hacks using PHP” written in PHP scripting language and ist main task is to execute three basic attacks: eavesdropping, call drop and call flood. There is also a possibility of port scanning of selected network which is added as supplementary part of this application. The application can be comfortably managed from web browser user interface. All captured data can be displayed directly into the web browser. Tests of the application were performed on Google Chrome and Mozzila Firefox browsers. There is an accent placed on cooperation between the application and terminal linux programmes such as Tshark, BYE Teardown, INVITE flooder or Nmap, which all accept commands from web interface and interpret gained output values back to the web browser.
|
|
|
Protection of VoIP networks and their testing
Ulický, Ivan ; Sysel, Petr (oponent) ; Krajsa, Ondřej (vedoucí práce)
Main goal of creating this diploma thesis is existence of increasingly amount of potential threats against IP voice networks (VoIP). The thesis is devoted to testing of various types of attacks and provides some possible solutions for this systems as well. The work points out to a various types of current attacks against either insecure or very little secure structures. The theoretical part is dedicated to analyse and description of wide spectrum of VoIP protocols including signaling protocols (SIP, IAX2), transport protocols (RTP, RTCP) and security protocols (SRTP, ZRTP, IPsec, SDES). Further attention is dedicated to the one of possible open source IP PBX solutions called Asterisk. There is shown a variety of possible attacks against this system due to its openness, because open systems always tend to be more susceptible for various attacks as they need an advanced administration and endless need for searching of new trends in area of security. The last block of the theoretical part is focused on common threats and types of attacks against VoIP networks. The practical part is about design and creation of web application called ,,VoIP Hacks using PHP” written in PHP scripting language and ist main task is to execute three basic attacks: eavesdropping, call drop and call flood. There is also a possibility of port scanning of selected network which is added as supplementary part of this application. The application can be comfortably managed from web browser user interface. All captured data can be displayed directly into the web browser. Tests of the application were performed on Google Chrome and Mozzila Firefox browsers. There is an accent placed on cooperation between the application and terminal linux programmes such as Tshark, BYE Teardown, INVITE flooder or Nmap, which all accept commands from web interface and interpret gained output values back to the web browser.
|
host ::
RSS.