Start reading Hacking VoIP: Protocols, Attacks, and Countermeasures on the free Kindle Reading App or on your Kindle in under a minute. Don't have a Kindle? Get your Kindle here.

Deliver to your Kindle or other device

Enter a promotion code
or gift card
 
 
 

Try it free

Sample the beginning of this book for free

Deliver to your Kindle or other device

Sorry, this item is not available in
Image not available for
Color:
Image not available

To view this video download Flash Player

 

Hacking VoIP: Protocols, Attacks, and Countermeasures [Kindle Edition]

Himanshu Dwivedi
3.5 out of 5 stars  See all reviews (4 customer reviews)

Digital List Price: $35.95 What's this?
Print List Price: $44.95
Kindle Price: $19.77
You Save: $25.18 (56%)

Free Kindle Reading App Anybody can read Kindle books—even without a Kindle device—with the FREE Kindle app for smartphones, tablets and computers.

To get the free app, enter your email address or mobile phone number.

Formats

Amazon Price New from Used from
Kindle Edition $19.77  
Paperback $31.83  
Shop the new tech.book(store)
New! Introducing the tech.book(store), a hub for Software Developers and Architects, Networking Administrators, TPMs, and other technology professionals to find highly-rated and highly-relevant career resources. Shop books on programming and big data, or read this week's blog posts by authors and thought-leaders in the tech industry. > Shop now

Book Description

Voice over Internet Protocol (VoIP) networks have freed users from the tyranny of big telecom, allowing people to make phone calls over the Internet at very low or no cost. But while VoIP is easy and cheap, it's notoriously lacking in security. With minimal effort, hackers can eavesdrop on conversations, disrupt phone calls, change caller IDs, insert unwanted audio into existing phone calls, and access sensitive information.


Hacking VoIP takes a dual approach to VoIP security, explaining its many security holes to hackers and administrators. If you're serious about security, and you either use or administer VoIP, you should know where VoIP's biggest weaknesses lie and how to shore up your security. And if your intellectual curiosity is leading you to explore the boundaries of VoIP, Hacking VoIP is your map and guidebook.


Hacking VoIP will introduce you to every aspect of VoIP security, both in home and enterprise implementations. You'll learn about popular security assessment tools, the inherent vulnerabilities of common hardware and software packages, and how to:


  • Identify and defend against VoIP security attacks such as eavesdropping, audio injection, caller ID spoofing, and VoIP phishing
  • Audit VoIP network security
  • Assess the security of enterprise-level VoIP networks such as Cisco, Avaya, and Asterisk, and home VoIP solutions like Yahoo! and Vonage
  • Use common VoIP protocols like H.323, SIP, and RTP as well as unique protocols like IAX
  • Identify the many vulnerabilities in any VoIP network

Whether you're setting up and defending your VoIP network against attacks or just having sick fun testing the limits of VoIP networks, Hacking VoIP is your go-to source for every aspect of VoIP security and defense.



Editorial Reviews

About the Author

Himanshu Dwivedi is a leading security expert and researcher. He has published four books, Hacking Exposed: Web 2.0 (McGraw-Hill), Securing Storage (Addison Wesley), Hacker's Challenge 3 (McGraw-Hill), and Implementing SSH (Wiley). A founder of iSEC Partners, Himanshu manages iSEC's product development and engineering, specialized security solutions, and the creation of security testing tools for customers.


Product Details

  • File Size: 2072 KB
  • Print Length: 220 pages
  • Publisher: No Starch Press; 1 edition (August 24, 2010)
  • Sold by: Amazon Digital Services, Inc.
  • Language: English
  • ASIN: B004OEJN9C
  • Text-to-Speech: Enabled
  • X-Ray:
  • Lending: Not Enabled
  • Amazon Best Sellers Rank: #1,072,737 Paid in Kindle Store (See Top 100 Paid in Kindle Store)
  •  Would you like to give feedback on images?.


Customer Reviews

3.5 out of 5 stars
(4)
3.5 out of 5 stars
Share your thoughts with other customers
Most Helpful Customer Reviews
3 of 3 people found the following review helpful
3.0 out of 5 stars For System Administrators January 26, 2011
Format:Paperback|Verified Purchase
The opening of this book clearly explains that this book is for people who are system administrators. I would like to add that this book seems to be for system administrators who are just too busy with everything else to care about technicalities of the security and don't know much about security in general.

However, when I saw No Starch Press released this book, I was not expecting the contents to be so tame. The bulk of the book is how man in the middle attacks effect the different protocols and the multitudes of denial of service attacks using legitimate VoIP commands. However, the details are mostly just glossed over and a very general overview is given for the attack and then a tool is provided. How to use tools and the exact switches are perhaps half of the explanations in the book. For those who understand man in the middle, how there is no trust in UDP, and how to read RFC's, you will find little in this book that is interesting. This is the reason why I gave the book a 3 despite it being exactly what the title says.

Not all of the book was bad. Chapter 7 is on unconventional VoIP attacks and gives the reader some interesting ideas on how VoIP attacks can be used. The first half of Chapter 6 shows client configuration abuses and is the type of material I was expecting from this book.

If you are a system administrator who doesn't know much about security and would like to read some quick overview of VoIP insecurities without technicalities, this is the perfect book for you. If you were looking for a technical guide on VoIP security, then look elsewhere.
Comment | 
Was this review helpful to you?
3 of 4 people found the following review helpful
5.0 out of 5 stars An Excellent VoIP Security manual July 22, 2009
Format:Paperback
Eureka! What a pleasant surprise. This is the best Hacking book I have ever read. as matter of fact the book scared me so much that if asked I would classify it as "non-fictional horror".

According to Himanshu Dwivedi "Hacking VoIP is a security book written primarily for VoIP administrators"; This statement is in the introduction of the book, that is the only thing I did not find to be true, I like to change that statement to read something like " .....a security book written primarily for Information Security and Auditors it can also be used by VoIP administrators.....".

I accidentally started reading this book, and I just got hooked. The book is devided into 4 sections;
1-Introduction VoIP Security
2-VoIP Protocols
3-Security treats
4-Securing and Auditing VoIP
The 4 sections are contained in very well organized 10 Chapters. Each chapter, no each line of each chapter is a list of ingredients needed to break in to a VoIP phone, switch or a server.

The author goes at great lengths creating a VoIP lab, following his step by step recommendations and downloading the programs listed, I actually created the exact same lab, I have no idea why. Than downloaded the hacking tools, which should go in the blacklisted application database of every business, once again following the steps outlined in the book I could actually break into conversations, change caller ID (you can really play sick tricks with this feature), and realize that the 6 character password I have for my voice mail is actually crackable in less than 10 minutes.

OK!, Where is the beef? You may ask, how can I use this book? Well! Up to Chapter 9 you learn what a malicious person is or may try to do.
Read more ›
Was this review helpful to you?
3 of 4 people found the following review helpful
4.0 out of 5 stars Great resource to understand VoIP security April 7, 2009
Format:Paperback
Voice over IP (VoIP) communications are a core component of the next wave of communications. Consumers and enterprises both are beginning to grasp the benefits of VoIP communications and making the switch from traditional voice communications to VoIP.

VoIP can be a double-edged sword as well though. It provides cost savings. It adds flexibility and extensibility that isn't possible with traditional telephone communications. It enables a whole new scope of applications to interact with and leverage voice communications in whole new ways.

However, with all of those benefits, it also merges voice data onto the standard data network and exposes what was a relatively secure system to a wide variety of attacks and exploits. Traditional voice attacks like eavesdropping or wiretapping are still issues, but on a grander scale. And now voice communications can also be subjected to denial-of-service (DoS) and man-in-the-middle (MiTM) and other attacks that have traditionally been reserved for data networks.

With Hacking VoIP: Protocols, Attacks, and Countermeasures from No Starch Press, Himanshu Dwivedi explores the security issues inherent with VoIP communications and how to protect your VoIP system against them.

Dwivedi opens the book by walking through how to build a VoIP lab environment to use as you read through the book to get first-hand experience and understanding of the VoIP attacks and exploits and the countermeasures to use against them. This hands-on experience helps the reader to see the attacks in action rather than just reading about them.

The book provides a good background on the VoIP protocols themselves, and Dwivedi does an excellent job of explaining the weaknesses and exploits. VoIP admins should read this book and follow Dwivedi's advice to protect their VoIP environments.
Comment | 
Was this review helpful to you?
Most Recent Customer Reviews
Search Customer Reviews
Search these reviews only

More About the Author

Discover books, learn about writers, read author blogs, and more.

What Other Items Do Customers Buy After Viewing This Item?


Forums

There are no discussions about this product yet.
Be the first to discuss this product with the community.
Start a new discussion
Topic:
First post:
Prompts for sign-in
 


Look for Similar Items by Category