Understanding Voice over IP Security (Artech House Telecommunications Library) [Hardcover]

Alan B. Johnston (Author), David M. Piscitello (Author)

Book Description

Series: Artech House Telecommunications Library | Publication Date: March 31, 2006

VoIP (voice over IP) networks are currently being deployed by enterprises, governments, and service providers around the globe and are used by millions of individuals each day. Today, the hottest topic with engineers in the field is how to secure these networks. "Understanding Voice over IP Security" offers this critical knowledge. The book teaches practitioners how to design a highly secure VoIP network, explains Internet security basics, such as attack types and methods, and details all the key security aspects of a VoIP system, including identity, authentication, signaling, and media encryption. What's more, the book presents techniques used to combat spam and covers the future problems of spim (spam over instant messaging) and spim (spam over internet telephony).

Editorial Reviews

About the Author

Alan B. Johnston is a distinguished technical member at MCI and an adjunct assistant professor of electrical engineering at Washington University in St. Louis. He holds a B.E.(Hons) in electrical and electronic engineering from the University of Melbourne, Australia and a Ph.D. in electrical engineering from Lehigh University. He is a co-author of the SIP specification RFC 3261 and several other SIP-related RFCs.

Product Details

• Hardcover: 276 pages
• Publisher: Artech House Publishers; 1 edition (March 31, 2006)
• Language: English
• ISBN-10: 1596930500
• ISBN-13: 978-1596930506
• Product Dimensions: 9.4 x 6.3 x 0.8 inches
• Shipping Weight: 1.2 pounds (View shipping rates and policies)
• Average Customer Review: 4.8 out of 5 stars  See all reviews (5 customer reviews)
• Amazon Best Sellers Rank: #2,323,397 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

4 of 4 people found the following review helpful:

5.0 out of 5 stars A detailed overview of VOIP and security, May 21, 2006

By 

Marcus J. Ranum (Morrisdale, PA United States) - See all my reviews
(REAL NAME)   

This review is from: Understanding Voice over IP Security (Artech House Telecommunications Library) (Hardcover)

VOIP - the next big thing in network communication? Or a security disaster in progress? My money's on the latter, so I was happy to be able to read through this book. It has a lot of useful background material on security and security technology, and then ties it into VOIP and the current implementations of the VOIP suite. The authors don't exactly come out and say it but the situation for VOIP looks a bit grim - security kludged on as an afterthought largely by layering atop TLS and the non-existent non-functioning public key infrastructure.

I found the book to be interesting an informative, and will recommend it as a reference to any of my friends who are so unfortunate as to have to deal with securing VOIP.

mjr.

1 of 1 people found the following review helpful:

4.0 out of 5 stars Comprehensive and in-depth book!, January 27, 2007

By 

Dr Anton Chuvakin "Dr. Anton Chuvakin" (CA, USA) - See all my reviews

This review is from: Understanding Voice over IP Security (Artech House Telecommunications Library) (Hardcover)

Now, VOIP security has been talked about for a few years; it started even before organizations started to deploy VOIP in greater numbers. Many folks like to say that "VOIP security is a disaster," but usually they don't explain how or why.

Dave Piscitello does. In his excellent book ""Understanding Voice over IP Security" he provides excellent coverage of both VOIP technology basics as well as internet security fundamentals (which are admittedly more useful to the security beginners) Then he fuses the above information into a comprehensive coverage of VOIP security issues, from protocols to call fraud.

VOIP and NAT? Security analysis of SIP protocol? VOIP and honeypots? PSTN gateway security? Public VOIP vs private VOIP? Is VOIP spam inevitable? Yes, all those and much much more are covered in the book.

On the negative side, I had to skip through some of the security basics (yes, even a castle metaphor is there ...), but I am conscious of the fact that such content is indeed useful to people with networking background. At the same time, some of the esoterica of phone networks was completely new to me and thus exciting to read.

I enjoyed the book; I liked that it is written to be useful to both security folks - who need to learn about VOIP - and network folks - who often need to acquire better security education.

Dr Anton Chuvakin, GCIA, GCIH, GCFA [...] is a recognized security expert and book author. His current role is a Director of Product Management with LogLogic, a log management and intelligence company. A frequent conference speaker, he also represents the company at various security meetings and standards organizations. He is an author of a book "Security Warrior" and a contributor to "Know Your Enemy II", "Information Security Management Handbook", "Hacker's Challenge 3" and the upcoming book on PCI. In his spare time he maintains his security portal [...] and several blogs.

1 of 1 people found the following review helpful:

5.0 out of 5 stars Outstanding VOIP Security book, September 1, 2006

By 

Michael (Florida) - See all my reviews

This review is from: Understanding Voice over IP Security (Artech House Telecommunications Library) (Hardcover)

As a CTO of a software technology company in the middle of a VOIP project, I found this book invaluable in our research. There are very few books/guides/articles that talk about VOIP security and I believe this is huge thing to consider as you launch a VOIP network in your facilities or work with the protocols. The other book I read was not nearly as technical or complete and some issues defied standard communications standards which I believe were inaccurate.

I can see from the writing that the authors bring complementary knowledge to the table. One being a data/internet security
expert who considers voice "yet another stream of data to protect" and this agnosticism is IMO a good thing because it brings voice into the IT security realm in many enterprises. The other author is a voice and VOIP standards expert so he is able to call attention to the voice and voice protocol specific issues.

The book utilizes many easy to read real world scenarios that lighten the material and distinguish it from being just a reference book on protocols and standards. These scenarios often incorporate well laid out diagrams and pictures that really help you understand what's happening.

If you are investigating or implementing VOIP networks, I definitely recommend you get this book and read it cover to cover.