sip

Network communication China (Voipchina) message VoIP flaw is used ceaselessly, but the expert says, these facts make clear pair of security to have higher demand only, and cannot explain this technology is put in the crisis with deadly move.

Researcher announced to believe the tool of your agreement H.323 and AIX in the light of VoIP, and the tool in inserting frequency VoIP call. Among them, a tool that explores conversation automatically to start consultative safety flaw is thought to be able to be transmitted in VoIP flow to carry data.

Advanced and safe advisory Barrie Dempster says company of Next Generation Security Software, the problem is not to appear in VoIP technology, appear in its implementation however.

He says: “If your network safety the tradition applies in VoIP logically, you can make it resembles other any agreements are euqally safe. You can make it resembles other any agreements are euqally safe..

The safe notoriety of VoIP

The notoriety of VoIP safe flaw results from for the most part this technology is newer, its code did not consider security certainly when write, this is a problem that puzzles a lot of new technologies.

Dempster was mentioned use the method that Asterisk(opens source PBX) one kind, include buffer to spill over. He says, this kind of flaw and other flaw can be passed delete not the code of application characteristics and undertake to used character safe audit will make do. He says: “The problem is not itself of specific and safe flaw, however the mature sex of software. And, so far, had not undertaken in the light of software corresponding safety examines a mechanism all the time. Had not undertaken in the light of software corresponding safety examines a mechanism all the time..

People realized this problem, resist through announcing foregone flaw to help development the defense measure of flaw.

The industry organized VoIP safe alliance to announce tool of a hacker on the website, this organization regards a test as VoIP this tool whether resist the safe tool of the attack in real world tries to popularize.

CTO Peter Thermos of company of Palindrome Technologies of safe advisory orgnaization says, the security that protects VoIP cannot not achieve. He disclosed can change call way by or the media gateway that cuts off call dominates a deliberation (the safe flaw that MGCP) exists.

He still revealed a safe flaw that ZRTP exists. ZRTP returns what did not make a standard to increase close VoIP agreement. This agreement cannot be added close the dialling tone that presses the phone bolts place arises, the method that the credit card date that this kind of course of action may make VoIP circuitry is inputted adopts analytic frequency by pilfer.

Thermos says, this MGCP problem will need finally to undertake modification to consultative itself, nevertheless, the blame accredit visit of the port that at present the user can use through preventing pair of MGCP will enhance consultative security. ZRTP problem involves consultative reality, before this, use the kind that adds a patch in the system to solve all the time.

He says, the optimal course of enterprise deploy VoIP is to set those who be aimed at different company ahead of schedule ” because of the person different ” safe requirement. He says, financial orgnaization or governmental orgnaization may need confidential sex, accordingly, need more adding than other company close ability.

Thermos says: “The safety that a when I see common error is network him regulation that the client was not them asks, after producing a problem, ability realizes they need security, regard security as additional cost next. ” he says, from still can protect VoIP better with respect to deploy safety tool at the beginning, resist the menace that has not discover.

Safer than PSTN

Although be put in the possibility of attack really, but a few experts say, the communal exchange telephone network with VoIP traditional comparing (PSTN) is safer.

The Codenomicon company that produces software security to check a tool founds person, CTO Ari Takanen to say: “VoIP system wants security than traditional system much. ” he admits VoIP is put in safe flaw, but he expresses at the same time, these safe problems are not insuperable.

He says: “IP system more expose, but it is OK to have more the safety precaution of deploy. If do not use it accordingly, na Taiyu wriggled. Na Taiyu wriggled..

Cullen Jennings of engineer of ministry of Cisco company VoIP points out, PSTN advocate call square ID to be gone to very easily by smell explore, expenses is fraudulent if using traditional PBX to undertake very common. But Jennings says, the dependability of PSTN is one wide the service quality index that is advocate.

But, this does not mean PSTN impeccable, safer than VoIP even. He says, “Not be the dependability goal that says PSTN did not achieve it, say however this and advocate call square ID to whether can be arrived to do not have a relation by smell explore. Whether does core net break down, whether be aimed at with menace advocate call square ID to did not concern. Whether be aimed at with menace advocate call square ID to did not concern..

The road is high one feet evil spirit is high one a unit of length

Akif Arsoy of manager of product of Verisign company VoIP says, the enterprise won’t reject VoIP because of afraid security finally. They will use its deferent and compositive speech and data in shirt-sleeve network. Arsoy says: “The thing that the user will get they are couldn’t get on traditional speech today from VoIP. “The thing that the user will get they are couldn’t get on traditional speech today from VoIP..

Thermos says, even if is such, the near future will appear the case that more VoIP flaw are used. He says, he had discovered more letters make consultative weakness and actual flaw. But he says this is returned is one when VoIP faces safe challenge begins only, this kind of problem emerges in endlessly the development that follows application. Attack and defend even if the road is high one feet, evil spirit is high the argue of one a unit of length. (The United States ” Network World ” stalk of grain only for our newspaper)