SecureLogix is releasing a suite of custom VoIP security assessment tools, which are now available for free download from the company’s website. These tools can be used to assess susceptibility to a wide variety of SIP threats, including Denial-of-Service (DoS) and Man-in-the-Middle attacks, eavesdropping, audio insertion and deletion, and even call teardown.
Earlier versions of some of these tools, developed by CTO and VP of engineering Mark Collier and R&D team member Mark O’Brien, were released along with publication of the book Hacking Exposed: VoIP (McGraw Hill, 2006), which Collier co-authored. These tools are now well known in the VoIP security community and the de facto standard tools for the types of vulnerabilities they assess. Collier and his team have since enhanced these tools and simplified their use. They have also developed a number of others while completing publicly funded research into current and future threats to VoIP systems, protocols and application services.
These new VoIP security assessment tools compliment the company’s voice network security scanner that identifies modem vulnerabilities in traditional circuit-switched networks, also available for free download from the SecureLogix website. Almost all organizations deploying VoIP maintain a significant amount of legacy voice infrastructure, especially at the voice network edge where it connects to long distance service providers. The combination of these VoIP and legacy scanning tools provides a comprehensive approach to identifying critical voice security vulnerabilities across an organization’s entire mix of VoIP and legacy infrastructure and systems. This full voice network security approach is unique to SecureLogix.
For more information about these tools and their uses, see Collier’s popular VoIP Security Blog at
http://www.voipsecurityblog.com.