IP SUB NETTING
INTRODUCTION
Voice over Internet Protocol or IP telephony is a routing protocol for voice communication over IP-based internet networks. Unlike traditional dedicated-circuit switched networks, voice data flows through generalized packet-switched networks.
Voice over IP is increasingly adopted in the world due to its inherent features and benefits. Organizations all over the world have saved millions worth of resources by adoption voice over IP communication to replace traditional telephone systems. Through network consolidation, transmission of data, voice, and video signals have been facilitated as a result significantly reducing the cost of set up and maintenance. Thus, different multimedia devices have been integrated together to bring enhanced functionalities .Research from telecommunication firm Juniper indicates that the growth in VoIP communication in business entities has accounted for over $18 million in revenues and future projections indicate an exponential growth.
It is thus apparent that VoIP accords organization enormous returns in terms of revenue, improved communication and ease of access. However, there are setbacks stemming from security vulnerabilities. The security Of VoIP is increasingly challenging to implement than traditional communication systems. This is due to the fact that VoIP inherits the same infrastructure as data networks and as such, the problems associated with them are replicated in VoIP systems. Also, the industry has not matured enough to develop standards that regulate VoIP communication. The support for voice and data networks complicate compliancy management standards. Finally, VoIP suffers from considerable Quality of Service and an implementation strategy that that improves QoS will in turn sacrifice security.
The fundamental problem in VoIP systems lies in security and privacy. To that effect, industry players have centered their development around security and privacy at the expense of other essential requirements such as return on investment and ease of utilization. Security has been enhanced through the use of a number of models build to attain the motive. A basic multi-party freedom model applicable to any public communication system is used together with basic privacy based models and social responsibility model founded on acceptable user policy.
Over the past two years, the clinic has battled various court cases with clients over privacy issues. A number of clients have reported breach of privacy during communication and want the clinic held liable for doing little to guarantee security of their information. There is an apparent lack of security in the company’s telephony communication medium. Calls have been reportedly intercepted at some time and in spite of the security measures adopted at that instance, it appears that little has changed. This has triggered the hospital management to change their security approach in regards to VoIP. The company had rolled out VoIP deployment a year ago and given the cost analysis, it was saving a lot as a result of the plan. The current happenings have prompted them to act decisively and determine all the security vulnerabilities associated with the deployment of VoIP application.
The manager of the company has approached our consultancy company for a comprehensive review and consultancy services for the current VoIP deployment and a recommended solution on how such vulnerabilities can be mitigated in future.
This paper explores the security vulnerabilities associated with VoIP and conducts a comprehensive review in the context of XYZ clinic. In order to effectively deliver up to the tasks, the paper will base its review of security threats in terms of confidentiality of information, integrity, and availability. Finally, the paper will recommend solutions that will ensure maximum security in terms of infrastructural changes to the current deployment, policies, and other logical mechanisms as deemed necessary.
ANALYSIS
A company implementing a VoIP solution stands to benefit from the enormous cost benefits accorded but should not compromise security in the process. Security threats jeopardize the confidentiality, integrity and availability of information. This has the extended effect of affecting the organizations business with stakeholders and clients.
Confidentiality of information in a clinic facility is disastrous to the reputation of the facility, clients and physicians. Confidentiality bin this sense implies that information is accessed by unauthorized persons. If confidential information such as private documentation, financial data, personal data such as passwords, conversion history or conversation content is revealed to outside parties apart from the authorized persons such as physicians and doctors, it stands compromised and its effects can be life-changing. As regards to confidentiality, the following security vulnerabilities are imminent in VoIP deployment.
Eavesdropping
With conventional telephone conversations, a physical access mechanism to tap a line or penetration of a switch is required for eavesdropping to be successful. However, with VoIP, the probability of eavesdropping is magnified tenfold. The large numbers of nodes used for communication are large and if an attacker succeeds in compromising one of them, it makes it easy to access the IP through them. With the use of a network analyzer or sniffing tools, the conversations between the communicating parties can be converted into file systems that can be saved and played later. Referring to a scenario where a patient reported the possibility of a taped conversation between her and the physician, it is possible that one of network analyzing tools were used by attackers. VoMIT AND Wireshark are examples of analyzing tools used by attackers to eavesdrop on a network. Wireshark is an advanced analyzing tool that peers into the network and record a variety of system activity such as level statistics and bits of a packet. The attacker then uses these details to troubleshoot the network security thereby dissecting the network.
After successful attacks they can access information on a network and see patient’s details, of which they can use for varied crimes. Patient’s addresses, contacts, lab reports, financial details are sensitive information that if reveals to outside parties leads to immeasurable damaged. Attackers usually use this information to blackmail patients, conduct fraud or utterly harass.
With integrity, information can be classified as safe if they have not been altered, deleted, modified or disclosure while under transit. VoIP attacks by intruders masquerading as legitimate users are a common phenomenon and according to the clinic’s System Analyst, such incidences have occurred in the past.
Caller ID spoofing
In one particular scenario, one patient reported having been called by what he supposedly referred as the clinic’s customer care agent who advised him to deposit some amount of money in a particular account and report to the hospital in the following day for a major surgery he had been scheduled a month away. Upon reporting to the hospital, the patient realized that he had been conned as clinic staff did not make such a call.
Caller ID spoofing is a process where the attacker manages to take control of the gateway server and change the “From” header to a number he desires. The agent responds positively to the proxy server when directed to a “via” address. The proxy server forwards the acknowledgement to the legitimate user since it knows it IP address of its phone. Caller ID spoofing techniques are used by attackers to launch attacks on unsuspecting citizens such as patients. Having set the caller ID to appear as if it is from the original patient or clinic, they order cash transfers which they finally take possession.
VoIP systems sometimes suffer from availability issues making communication impossible. Attacks such as denial of service create large number of call requests to a certain terminal subsequently diminishing its processing power. This is evident when an attacker initiates to many invite requests to the clinic gateways, iPhones and other media, for instance, derailing the services of the whole system.
Call hijacking and redirection
Caller redirection and hijacking is also imminent. In this case, VoIP phone calls are easy to capture and decode if the attacker has knowledge or physical access to the LAN segments that VoIP packets are traversing. A dedicated attacker can hack into the VoIP servers and redirects the calls to wherever location in order to obtain patient details which can subsequently be used for international calls at the cost of the communicating entities.
RECOMMENDATIONS
Eavesdropping is a security threat that compromises the confidentiality of information. Applications such as Wireshark and VoMIT are readily available on the market and as such become difficult to control its access. Sniffing tools such as VoMIT can be prevented through the use of strong encryption techniques. Encryption will ensure that those connecting to the VoIP from outside are legitimate users. In addition, the organization can implement stringent security policies to determine the use of network analyzers such as Wireshark. There should be clauses defining and granting permission to sniffing tools used internally for troubleshooting purposes. The facility must clearly define policies detailing the roles and responsibilities of users accessing the network such that before an employee accesses the network and view patient’s details, sufficient clearance is accorded.
Caller ID spoofing is controlled by ingress and egress filtering tools to eliminate any packets that originate from spoofed sources. A recommended solution is the use of Cisco Express Forwarding service designed for high performance layer 3 IP switching for optimum performance and secure communication.
In order to countermeasure availability challenges such as call hijacking and re-directing, the facility need to implement strong authentication protocols. VoIP components need to be certain that they are communicating with legitimate users. The facility should consider using strong encryption mechanisms such as IPSec, SSH, and SRTP to give the desired replay protection and confidentiality.
Likewise, implementation of VoIP-aware firewalls and intrusion detection and prevention systems will eliminate such attacks as denial of service. A customized IDPS solution needs to be implemented together with a firewall to filter traffic and allow legitimate packets alone into the network. Wireshark can be used to identify the type of traffic traversing the network and the possible imminent network attack of which the upstream firewall rules can be modified to block unwanted traffic.
Apart from the preventive procedures cited above, the facility should implement a different VoIP network separate from the data network. By separating the two networks, the chances of attacks on the VoIP network diminish.
One favorable implementation is the use of a Virtual LAN technology to create a logical separation between the two networks. Other than that, a fully fledged physical separation is necessary. A physical separation will require that the clinic contracts an external party to create the separation. This may cost the company but will ensure that the risks of attacks are minimal. Other than cost, the simplified administration currently exhibited through convergence will be eliminated in the new separation.
An additional implementation is the reconfiguration of the default well known passwords for gateways and switches. Most of the switches and gateway devices have default s and passwords known to attackers and if they are not reconfigured, the attackers can easily bypass them and launch attacks in spite of security measures adopted. Switches with TELNET remote access interfaces and clear text protocols must be altered upon system installation.
CONCLUSION
This paper has discussed some of the security vulnerabilities inherent to VoIP systems in respect to XYZ clinic. It is clear that in spite of the apparent benefits attained after VoIP installation, the organization faces a major challenge in terms of securing its patient information. Security issued related to VoIP is those faced with data networks and concerns confidentiality, availability and integrity. A viable solution lies in implementing the best security policies, logical remedies such as encryption and authentication and separation of data from voice network. With the recommendations, it is expected that all the challenges facing XYZ clinic will be put to rest.
References
Chen, E. (2005). Larstan's the Black Book on Corporate Security: Cutting-Edge Guidance from the World's Leading Experts. Larstan Publishing Inc.
Cisco. (2006). Voice Over IP Fundamentals. Cisco Press.
Dwivedi, H. (2009). Hacking VoIP: Protocols, Attacks, and Countermeasures. No Starch Press.
Epstein, J. (2009). Scalable VoIP Mobility: Integration and Deployment. Newnes.
Peter Thermos, A. T. (2008). Securing Voice-over-IP Networks: Threats, Vulnerabilities, and Countermeasures. ADDISON WESLEY Publishing Company Incorporated.
Swale, R. (2001). Voice Over IP: Systems and Solutions. IET.
Thomas Porter, C. C. (2011). Practical VoIP Security. Syngress.