Thursday, October 30, 2008

Hacking VoIP--New from No Starch: New Book Shows How Easy it Is to Attack VoIP

San Francisco, CA, October 29, 2008-Voice over Internet Protocol (VoIP) is an increasingly widespread new technology that allows users to escape the tyranny of big telecom and make phone calls over the Internet. But while VoIP may be cheap and convenient, it's notoriously lacking in security. With little effort, attackers can eavesdrop on conversations, disrupt phone calls, inject content into existing conversations, change caller IDs, and access sensitive information-all without the awareness of the VoIP users making the phone calls.

Voice over Internet Protocol ( VoIP ) is an increasingly widespread new technology that allows users to escape the tyranny of big telecom and make phone calls over the Internet. But while VoIP may be cheap and convenient, it's notoriously lacking in security. With little effort, attackers can eavesdrop on conversations, disrupt phone calls, inject content into existing conversations, change caller IDs, and access sensitive information—all without the awareness of the VoIP users making the phone calls.

Hacking VoIP approaches VoIP security from two angles, explaining VoIP's many security holes to both hackers and administrators. The book raises awareness of the importance of VoIP security, describes potential attacks, explains VoIP's biggest weaknesses, and offers solutions for protecting against potential exposure and attacks. Readers learn how to defend against VoIP attacks as they explore issues with VoIP security and the boundaries of VoIP protocols.

"VoIP is fun, but it's remarkably easy to attack," said No Starch Press founder Bill Pollock. "People think that when they pick up the telephone they're on a secure line, but not when that call is being made over VoIP. Hacking VoIP demonstrates just how easy it is to attack VoIP, and how best to plug those security holes."

Hacking VoIP explains every aspect of VoIP security, discusses popular security assessment tools, and explores the inherent vulnerabilities of common hardware and software packages. Readers learn how to:

Identify and defend against VoIP security attacks such as eavesdropping, audio injection, caller ID spoofing, and VoIP phishing
Audit VoIP network security and assess the security of enterprise-level VoIP networks such as Cisco, Avaya, and Asterisk and home implementations like Yahoo! and Vonage
Use VoIP protocols like H.323, SIP, RTP, and IAX
Locate potential vulnerabilities in any VoIP network
Use both existing and newly released VoIP security tools
Whether setting up and defending VoIP networks against attacks or just having sick fun testing the limits of VoIP security, Hacking VoIP is every user's go-to source for VoIP security and defense.

For more information, to schedule an interview with the book's author, or for a review copy of Hacking VoIP, please contact Travis Peterson at No Starch Press ( nostarchpr@oreilly.com, +1.415.863.9900, x300 ), or visit www.nostarch.com.

No comments: