2 Days Left to Save $200 on SANS Cyber Defense San Diego 2014

Reading Room

VOIP Issues

Featuring 9 Papers as of December 29, 2008

Click Here

  • Security Considerations for Avaya ESS Implementation by Thomas McDermott - December 29, 2008 

    This paper addresses the security requirements of an enterprise PBX. The sample PBX architecture is an Avaya Enterprise Survivable Server (ESS) environment supporting an enterprise with multiple call centers.

  • Skype: A Practical Security Analysis by Bert Hayes - October 15, 2008 

    The purpose of this paper is to suggest best practices and recommendations when running Skype.

  • VoIP Security Vulnerabilities by David Persky - December 21, 2007 

    Since the dawn of time, humans have tried to communicate with each other. As languages and dialects prospered, the forms of communication became more advanced by using letters in various alphabets and writing messages on papers or letters. From the Caeser cipher that Julius Caesar used where letters in encrypted messages were actually three letters off, to the Nazis in WWII who built and used the Enigma machine to encrypt military communications, to SIP-TLS to encrypt VoIP conversations, as forms of communication have advanced there have been subsequent efforts to keep those communications secret by one party, and to identify the clear message by a second party.

  • Security Issues and Countermeasure for VoIP by Jianqiang Xin - February 7, 2007 

    This paper focuses on these VoIP specific security threats and the countermeasures to mitigate the problem.

  • Voice Over Internet Protocol (VoIP) and Security by Greg Tucker - January 17, 2005 

    This paper will describe Voice Over Internet Protocol (VoIP) to a level that allows discussion of security issues and concerns. Business concerns of implementing VoIP, components of a VoIP system, and relevant security issues and concerns as they apply to the topics, are explored.

  • The VoIP Dilemma by Fernando Robles - August 15, 2004 

    This paper intends to discuss the general security concerns that need to be considered during the design and implementations of a VoIP (Voice over Internet Protocol) converged infrastructure.

  • Latency and QoS for Voice over IP by Karie Gonia - March 20, 2004 

    This paper will familiarize the reader with the fundamentals of a VoIP (Voice over IP) implementation and its effects. VoIP has been a front runner for companies looking to take advantage of IP.

  • Security Concerns with VOIP by Eric Weiss - August 20, 2001 

    This paper will briefly discuss the following IP telephony standards: H.323 from the ITU, Session Initiation Protocol (SIP) from the IETF,and MGCP by the Media Control Working Group.

  • Secure Voice Over IP by Brian Stringfellow - August 15, 2001 

    The purpose of this document is to give a general overview of Voice over IP (VoIP) and to explain the essential security issues surrounding a successful VoIP deployment.

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

All papers are copyrighted. No re-posting or distribution of papers is permitted.

Masters - This paper was created by a SANS Technology Institute student as part of their Master's curriculum.