McGraw-Hill books are available at special quantity
Hacking Exposed VoIP: Voice over IP Security Secrets and Solutions
Copyright 2007 by The McGraw-Hill Companies. All rights reserved. Printed in the United States of America. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication.
1234567890 DOC DOC 0198765
Art Director, Cover
Information has been obtained by McGraw-Hill from sources believed to be reliable. However, because of the possibility of human or mechanical error by our sources, McGraw-Hill, or others, McGraw-Hill does not guarantee the accuracy, adequacy, or completeness of any information and is not responsible for any errors or omissions or the results obtained from the use of such information.
For Mom, Dad, Sally, and Sarah.
For my wife Gerri, and two daughters, Kristen and Kerri.
About the Authors
David Endler is the director of security research for 3Com's security division, TippingPoint, where he oversees product security testing, the VoIP security research center, and their vulnerability research team. While at TippingPoint, David founded an industry-wide
Prior to TippingPoint, David was the technical director at a security services startup, iDefense, Inc., which was
As an internationally recognized security expert, David is a frequent speaker at major industry conferences and has been quoted and featured in many top
Mark Collier is the chief technology officer at SecureLogix corporation, where he directs the company's VoIP security research and development. Mark also defines and conducts VoIP security assessments for SecureLogix's enterprise customers. Mark is actively performing research for the U.S. Department of Defense, with a focus on developing SIP vulnerability assessment tools.
Prior to SecureLogix, Mark was with Southwest Research Institute (SwRI), where he directed a group performing research and development in the areas of computer security and information
Mark is a frequent speaker at major VoIP and security conferences. He has authored numerous articles and papers on VoIP security and is also a founding member of the Voice over IP Security Alliance (VoIPSA).
Mark graduated magna cum laude from St. Mary's University, where he earned a bachelor's degree in computer science.
About the Technical Editor
Ofir Arkin is the CTO of Insightix, leading the development of the
Ofir is the author of a number of influential papers on information warfare, VoIP security, and network discovery, and lectures regularly at security conferences. He is
First, we would like to thank our families for supporting us through this writing and research effort. Next, we would
A word of thanks also to the security and VoIP
Finally, we're especially grateful to the McGraw-Hill team who helped make this book a reality, including Jane Brownlow, Jenni Housh, LeeAnn Pickrell, Peter Hancik, and Lyssa Wald.