Hack4: Attacks on VoIP Infrastructures

In the last few years the VoIP protocol has increasingly become more important for companies, not least on account of long-term cost savings or uniform use of infrastructures. The introduction of VoIP also leads to the start or extension of the desire for strict separation of certain data in the network.

This separation is not normally attained physically, but at a logical level via VLANs. If an attacker manages, for example, to access other VLANs in the internal network, this person may be able to record confidential call connections or extend their own access privileges.

The perspective of an attacker will be adopted during a two-day workshop. Methods through which the above-mentioned objectives can be attained will be demonstrated. The workshop will provide a deeper insight into the methods of attackers so that participants can subsequently assess and minimize the risks in their own network. Theoretical concepts will be explained and learned attack vectors will be tested by means of practical "hands-on" exercises.

Topics

Technical principles

  • Introduction to techniques
  • VoIP terminology and structure
  • Passive and active traffic analysis
  • VLAN terminology and structure

Attack methods

  • Network-based attacks on VoIP phones and systems
  • Attacks on authentication procedures
  • Attacks on data confidentiality
  • Boot attacks and other physical trunking attacks
  • Inter-VLAN routing

Protection measures 

  • Detection possibilities
  • IT security principles
  • Configuration recommendation 

Technical requirements

Basic knowledge of network technology

Duration

Three days