Jump to ratings and reviews
Rate this book

Hacking Exposed Unified Communications & VoIP Security Secrets & Solutions, Second Edition

Rate this book
The latest techniques for averting UC disaster"This book is a must-read for any security professional responsible for VoIP or UC infrastructure. This new edition is a powerful resource that will help you keep your communications systems secure." --Dan York, Producer and Co-Host, Blue Box: The VoIP Security Podcast

"The original edition, "Hacking Exposed: Voice over IP Secrets & Solutions," provided a valuable resource for security professionals. But since then, criminals abusing VoIP and UC have become more sophisticated and prolific, with some high-profile cases ringing up huge losses. This book is a welcome update that covers these new threats with practical examples, showing the exact tools in use by the real attackers." --Sandro Gauci, Penetration Tester and Security Researcher, Author of SIPVicious

"Powerful UC hacking secrets revealed within. An outstanding and informative book. "Hacking Exposed: Unified Communications & VoIP Security Secrets & Solutions" walks the reader through powerful yet practical offensive security techniques and tools for UC hacking, which then informs defense for threat mitigation. The authors do an excellent job of weaving case studies and real-world attack scenarios with useful references. This book is essential for not only IT managers deploying UC, but also for security practitioners responsible for UC security." --Jason Ostrom, UC Security Researcher, Stora SANS Institute, co-author, SEC540 class

"After reading "Hacking Exposed: Unified Communications & VoIP Security Secrets & Solutions," I was saddened to not have had this book published years ago. The amount of time and money I could have saved myself, and my clients, would have been enormous. Being a professional in an ITSP/MSP, I know firsthand the complexities and challenges involved with auditing, assessing, and securing VoIP-based networks. From the carrier level, right down to the managed PBX level, and everything in between, "Hacking Exposed: Unified Communications & VoIP Security Secrets & Solutions" is a de facto must-have book. For those learning VoIP security to those heavily involved in any VoIP-related capacity, this book is worth its weight in gold." --J. Oquendo, Lead Security Engineer, E-Fensive Security Strategies

""Hacking Exposed: Unified Communications & VoIP Security Secrets & Solutions," includes more sophisticated attack vectors focused on UC and NGN. The authors describe in depth many new tools and techniques such as TDoS and UC interception. Using these techniques, you will learn how you can identify the security problems of VoIP/UC. This book is a masterpiece." --Fatih Ozavci, Senior Security Consultant at Sense of Security, Author of viproy

"This book provides you with the knowledge you need to understand VoIP threats in reality. No doom and gloom, overhyped, never to happen in the real-world scenarios. You will understand the vulnerabilities, the risks, and how to protect against them." --Shane Green, Senior Voice Security Analyst

Establish a holistic security stance by learning to view your unified communications infrastructure through the eyes of the nefarious cyber-criminal. "Hacking Exposed Unified Communications & VoIP," Second Edition offers thoroughly expanded coverage of today's rampant threats alongside ready-to-deploy countermeasures. Find out how to block TDoS, toll fraud, voice SPAM, voice social engineering and phishing, eavesdropping, and man-in-the-middle exploits. This comprehensive guide features all-new chapters, case studies, and examples. See how hackers target vulnerable UC devices and entire networks Defend against TDoS, toll fraud, and service abuse Block calling number hacks and calling number spoofing Thwart voice social engineering and phishing exploits Empl

818 pages, Kindle Edition

First published January 1, 2013

2 people are currently reading
17 people want to read

About the author

Mark Collier

22 books7 followers

Ratings & Reviews

What do you think?
Rate this book

Friends & Following

Create a free account to discover what your friends think of this book!

Community Reviews

5 stars
2 (14%)
4 stars
6 (42%)
3 stars
4 (28%)
2 stars
2 (14%)
1 star
0 (0%)
Displaying 1 of 1 review
Profile Image for BCS.
218 reviews33 followers
June 18, 2014
Unified Communications (UC) is regarded as the next step in fully integrating voice telephony with other communications methods and business processes. With the advent of unified communications, businesses will be exposed to a multitude of threats, many of which they are not even aware of yet.

As with any form of new technology solution there are issues to consider and be addressed. At the forefront of these is the need to employ effective security measures.

This publication is one of a number of ‘Hacking Exposed’ topics the authors have written in the past few years. Mark Collier and David Endler are recognised leaders in the field of IT security.

The book is split into four stand-alone parts. Each part is sufficiently self-contained to be read on its own. Part I starts by considering Voice over IP targets and threats, along with foot printing, scanning and network enumerating techniques. Using real-life examples it is set out in a manner reminiscent of how a thief could ‘case’ a property before breaking in.

Part II moves on to consider what are regarded as the most common group of attacks on applications, namely toll fraud, Telephony Denial of Service (TDoS), voice spam, call spoofing and phishing.

Part III deals with the various network attacks that can target a business’s communications, rather than just the telephone system per se. The anonymity offered by the internet makes it easy for a skilled hacker to intercept sessions, impersonate, eavesdrop on calls, redirect messages, track call patterns and scan personal data. A resolute hacker could launch network-based DoS attacks in order to bring the entire organisation to a standstill.

Finally, Part IV considers direct attacks on the signalling protocol of a UC network. When voice services use the same communications paths as other data serving the business it can provide determined hackers the opportunity for even deeper penetration of the organisation, putting all of an organisation’s information at risk.

Individual threats to security move from minor disruptions of individual voice calls up to invasions of privacy, where accessing, financial data, customer information and possibly even trade secrets become real threats. This is where hackers can do the most damage to the business operation as a whole.

The book contains numerous illustrative examples, explanatory text, screen shots, as well as code snippets, and explains practical security tools that can be deployed. Identified risks are rated on a ten-point scale based on three attributes: popularity, simplicity and impact. An overall rating of each risk is then derived from the mean of the three values.

I consider the book to be essential for any security professional needing to assess exploitable vulnerabilities in an UC eco system, as well as a must-have book for UC network owners. I award the book nine out of ten in terms of its readability and value for money.

Reviewed by Jim McGhie CEng MBCS CITP
Displaying 1 of 1 review

Can't find what you're looking for?

Get help and learn more about the design.