Do you need to keep up with the latest hacks, attacks, and exploits affecting Unified Communications technology? Then you need Seven Deadliest Unified Communication Attacks. This book pinpoints the most dangerous hacks and exploits specific to Unified Communications, laying out the anatomy of these attacks, including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable.

Attacks featured in this book: Ecosystem Attacks; Insecure Endpoints; Eavesdropping and Modification; Control Channel Fuzzing, DoS, SPIT and Toll Fraud; SIP Trunking and PSTN Interconnection; Identity, Spoofing and Vishing; Attacks Against Distributed Systems.

Knowledge is power: find out about the most dominant attacks currently waging war on computers and networks globally. Discover the best ways to defend against these vicious attacks; step-by-step instruction shows you how. Institute countermeasures, don't be caught defenseless again, and learn techniques to make your computer and network impenetrable.
Dan York focuses on explaining the changes going on all around us within communication technology and practices. An author of multiple books on networking, security, IPv6 and Linux, Dan frequently presents at industry conferences and events and has been blogging and writing online since 2000. Today Dan serves the Internet Society as the Senior Content Strategist focused on the Deploy360 Programme, seeking to help service providers, companies and individuals more quickly deploy Internet technologies such as IPv6 and DNSSEC. Separately, Dan is also the Chairman of the global Voice Over IP Security Alliance (VOIPSA) and is active within the IETF. More information about Dan can be found at http://danyork.me/
This book is important reading for anyone who designs, deploys, architects, or recommends Unified Communication (UC) or VoIP (Voice over IP) systems. The reader does not need to be a security expert or have a deep knowledge of all the protocols, as the basics are explained at the start. I particularly like the description of UC services and components in the Introduction, a definition that goes beyond today's marketing speak. The book isn't just about VoIP or security protocols, but about the whole ecosystem of UC. It is very well written and organized, each chapter introducing and analyzing a new threat, then describing how to defend against it.
My favorite aspect of the book is that it is filled with real incidents and anecdotes: some surprising, some frightening, and all serve to drive home the security point being made in the chapter. There are also forward-looking scenarios, including ones involving botnets and SPIT (spam over Internet Telephony).
My own personal biggest concern about UC security, media privacy, is well covered in this book with descriptions of eavesdropping and modification attacks. There are very good descriptions of techniques to defend against these including SRTP and ZRTP.
There are no major omissions in this book. One minor area not covered is certificates. The author discusses how TLS (also known as SSL) can provide a private and authenticated channel for IM or signaling; however, the authentication is only there if digital certificates are properly used and administered. This is something that not all vendor and system administrators get right.
Overall, I believe this book should be required reading for professionals working in this area.
Full disclosure: I received a review copy of the book from the publisher and have worked with Dan York in the industry for many years.