Most organizations are consistently amazed at the cornucopia of sensitive details hanging out in the public domain and available to any resourceful hacker who knows how and where to look. Exacerbating the situation is that VoIP, as an application much like WWW, DNS, or SMTP, is also dependent on the rest of an organization's network infrastructure for its security posture (for example, its router configuration, firewalls, password strength, OS patching frequency, and so on). As Figure 1-1 depicts, VoIP security clearly intersects the traditional layers of data security within an organization.
Many of the VoIP application attacks shown in Figure 1-1 will be explained and demonstrated throughout the following chapters. We want to underscore that many of the other attacks listed (such as SQL injection and SYN floods) have been around for years and are hardly new by any stretch of the imagination. These are the very same attacks that plague most traditional data networks today. However, in some cases, these attacks can take on an expanded severity against a VoIP deployment. For instance, a SYN flood denial of service attack against your organization's router might mean that web browsing is a little slow for internal users. The very same SYN flood against a VoIP network or VoIP device, however, might mean that voice conversations are unintelligible because of jitter, or that calls cannot be placed because of network latency.
It's clearly in a hacker's best interest to gain as much information about the supporting infrastructure as possible before launching an attack. The path of least resistance to compromising an enterprise VoIP system may not necessarily be to go directly for the VoIP application itself, but instead to target a vulnerable component in the supporting infrastructure (router, web server, and so on). Why would an attacker bother spending time brute-forcing a password in the VoIP voicemail system's web interface when the Linux system it runs on still has a default root password? Simply researching the flavors of a VoIP deployment and its dependent technologies ahead of time can save a hacker a great deal of time and brute-forcing effort. Therefore, the first step to assessing your own external security posture is to discover what information potential attackers might already know about you.