As I mentioned earlier my old colleague Mark Collier from SecureLogix authored a book on VoIP security. I read through the first couple chapters of Hacking Exposed VoIP and so far it is a pretty good read. I am not terribly knowledgeable about VoIP so just reading through the book has been a good education.
One thing I liked about “Chapter 1: Footprinting a VoIP Network” was the information about adapting common hacking techniques such as Google Hacking to VoIP environments. The book outlines a number of useful search signatures that can be used to find interesting information about public-facing VoIP facilities.
Both Chapter 2 (Scanning a VoIP Network) and Chapter 3 (Enumerating a VoIP Network) have a lot of information that is a repeat of material you can find in other places – most specifically Hacking Exposed, 5th Edition. Some folks might see this as a negative but I found it really useful. As a person who is getting up to speed on VoIP it was valuable to see the underlying network facilities and protocols that make up the core of a VoIP deployment. Individuals who are deploying VoIP systems would do well to review the countermeasures outlined in the book for those infrastructure services while designing their deployments. I also enjoyed the primer on the SIP protocol in Chapter 3.
More info to come as I make further progress through the book. So far, though, Hacking Exposed VoIP has been a good resource for those deploying VoIP systems as well as those trying to undermine the security of VoIP installations. I expect that future chapters will delve deeper into VoIP-specific security issues and will therefore be increasingly interesting to readers with a more solid grounding in VoIP basics.
dan _at_ denimgroup.com