Hacking Exposed Unified Communications & VoIP, 2nd Edition
- Length: 560 pages
- Edition: 2
- Language: English
- Publisher: McGraw-Hill Osborne Media
- Publication Date: 2013-11-25
- ISBN-10: 0071798765
- ISBN-13: 9780071798761
- Sales Rank: #1120167 (See Top 100 Books)
The latest techniques for averting UC disaster
“This book is a must-read for any security professional responsible for VoIP or UC infrastructure. This new edition is a powerful resource that will help you keep your communications systems secure.” —Dan York, Producer and Co-Host, Blue Box: The VoIP Security Podcast
“The original edition, Hacking Exposed: Voice over IP Secrets & Solutions, provided a valuable resource for security professionals. But since then, criminals abusing VoIP and UC have become more sophisticated and prolific, with some high-profile cases ringing up huge losses. This book is a welcome update that covers these new threats with practical examples, showing the exact tools in use by the real attackers.” —Sandro Gauci, Penetration Tester and Security Researcher, Author of SIPVicious
“Powerful UC hacking secrets revealed within. An outstanding and informative book. Hacking Exposed: Unified Communications & VoIP Security Secrets & Solutions walks the reader through powerful yet practical offensive security techniques and tools for UC hacking, which then informs defense for threat mitigation. The authors do an excellent job of weaving case studies and real-world attack scenarios with useful references. This book is essential for not only IT managers deploying UC, but also for security practitioners responsible for UC security.” —Jason Ostrom, UC Security Researcher, Stora SANS Institute, co-author, SEC540 class
“After reading Hacking Exposed: Unified Communications & VoIP Security Secrets & Solutions, I was saddened to not have had this book published years ago. The amount of time and money I could have saved myself, and my clients, would have been enormous. Being a professional in an ITSP/MSP, I know firsthand the complexities and challenges involved with auditing, assessing, and securing VoIP-based networks. From the carrier level, right down to the managed PBX level, and everything in between, Hacking Exposed: Unified Communications & VoIP Security Secrets & Solutions is a de facto must-have book. For those learning VoIP security to those heavily involved in any VoIP-related capacity, this book is worth its weight in gold.” —J. Oquendo, Lead Security Engineer, E–Fensive Security Strategies
“Hacking Exposed: Unified Communications & VoIP Security Secrets & Solutions, includes more sophisticated attack vectors focused on UC and NGN. The authors describe in depth many new tools and techniques such as TDoS and UC interception. Using these techniques, you will learn how you can identify the security problems of VoIP/UC. This book is a masterpiece.” —Fatih Ozavci, Senior Security Consultant at Sense of Security, Author of viproy
“This book provides you with the knowledge you need to understand VoIP threats in reality. No doom and gloom, overhyped, never to happen in the real-world scenarios. You will understand the vulnerabilities, the risks, and how to protect against them.” —Shane Green, Senior Voice Security Analyst
Establish a holistic security stance by learning to view your unified communications infrastructure through the eyes of the nefarious cyber-criminal. Hacking Exposed Unified Communications & VoIP, Second Edition offers thoroughly expanded coverage of today’s rampant threats alongside ready-to-deploy countermeasures. Find out how to block TDoS, toll fraud, voice SPAM, voice social engineering and phishing, eavesdropping, and man-in-the-middle exploits. This comprehensive guide features all-new chapters, case studies, and examples.
- See how hackers target vulnerable UC devices and entire networks
- Defend against TDoS, toll fraud, and service abuse
- Block calling number hacks and calling number spoofing
- Thwart voice social engineering and phishing exploits
- Employ voice spam mitigation products and filters
- Fortify Cisco Unified Communications Manager
- Use encryption to prevent eavesdropping and MITM attacks
- Avoid injection of malicious audio, video, and media files
- Use fuzzers to test and buttress your VoIP applications
- Learn about emerging technologies such as Microsoft Lync, OTT UC, other forms of UC, and cloud and WebRTC
Table of Contents
Part I: Casing the Establishment
Chapter 1 VoIP Targets, Threats, and Components
Chapter 2 Footprinting a UC Network
Chapter 3 Scanning a UC Network
Chapter 4 Enumerating a UC Network
Part II: Application Attacks
Chapter 5 Toll Fraud and Service Abuse
Chapter 6 Calling Number Spoofing
Chapter 7 Harassing Calls and Telephony Denial of Service (TDoS)
Chapter 8 Voice SPAM
Chapter 9 Voice Social Engineering and Voice Phishing
Part III: Exploiting the UC Network
Chapter 10 UC Network Eavesdropping
Chapter 11 UC Interception and Modification
Chapter 12 UC Network Infrastructure Denial of Service (DoS)
Chapter 13 Cisco Unified Communications Manager
Part IV: UC Session and Application Hacking
Chapter 14 Fuzzing, Flooding, and Disruption of Service
Chapter 15 Signaling Manipulation
Chapter 16 Audio and Video Manipulation
Chapter 17 Emerging Technologies