Hacking Exposed Unified Communications and VoIP Security Secrets and Solutions.pdf
Mark Collier, CTO for SecureLogix Corporation, is responsible for research and related intellectual property. He was with the Southwest Research Institute for 14 years, where he contributed to and managed software research and development projects in a wide variety of fields, including information warfare. Collier regularly teaches a six-day course on Unified Communications & VoIP Security for the SANS Institute. David Endler is the director of security research for 3Com's security division, TippingPoint. He founded an industry-wide group called the Voice over IP Security Alliance (VOIPSA) in 2005 (www.voipsa.org). David spent many years in cutting-edge security research roles with Xerox Corporation, the National Security Agency, and Massachusetts Institute of Technology. He is a frequent speaker at major industry conferences and has been quoted and featured in the Wall Street Journal, USA Today, BusinessWeek, Wired, the Washington Post, CNET, Tech TV, and CNN. David was named one of the Top 100 voices in IP Communications by IP Telephony magazine.
1 VoIP Components & Targets 2 Footprinting 3 Scanning & Enumeration 4 Toll Fraud & service Abuse 5 Harassing Callers & TdoS 6 Social Engineering & Information Harvesting 7 Voice Spam & Phishing 8 Infastructure Denial of Service 9 Network Eavesdropping 10 Interception 11 Cisco Unified Cisco Call Manager 12 Avaya Communication Manager 13 Microsoft Lync 14 Cloud, Emerging, and other Technologies 15 Fuzzing & Disrupting of Service 16 VoIP Signaling Manipulation 17 Audio & Video Manipulation
In-depth explanations of over a dozen ways that unified communications systems can be hacked and exactly how to protect them from attack, based wholly on actual real-world scenarios. Hacking Exposed Unified Communications, Second Edition includes five all-new chapters, as well as massive updates throughout. The #1 threat to enterprise networks, toll fraud and service abuse, is the focus of one of the new chapters; other new chapters will cover harassing calls and TDoS, social engineering and information harvesting, Microsoft Lync server, and VoIP components and targets. The Hacking Exposed brand is synonymous with practical, get-the-job-done tips for security practitioners. Threats to network security are more virulent today than ever before--Hacking Exposed Unified Communications, Second Edition is an essential read for information security professionals who must successfully troubleshoot the newest, toughest hacks ever seen. Features five completely new chapters as well as thoroughly updated content throughout the book: new chapters on VoIP components and targets, toll fraud, social engineering, harassment, and Microsoft Lync server Internationally recognized, the Hacking Exposed series has an accessible style and format with its original, bulletproof pedagogy that includes attack/countermeasures, risk ratings, case studies, self-assessment tips, check lists, and organizational strategies Every case study in the book has been updated with the latest enterprise hacking scenarios Specific, technical, and proven strategies to prevent, detect, and remediate common technology and architecture weaknesses and maintain tight security controls permanently Access within a single volume to informed insights into core security issues across the leading Unified Communications technologies and architectures today