A

ACK flag, 39
ACK packets, 3941
ACK requests , 58
ACM. See Avaya Communication Manager
add_registrations tool, 435438
Address Resolution Protocol. See ARP
AfriNIC registry, 23
Aftergood, Steven, 370
AgoBot, 131
a-law-encoded audio, 471
Analog Telephone Adapter (ATA), 325
Angst tool, 153
anonymous zone transfers, 27
AOL Triton, 359, 360
APNIC registry, 23
application ports, 339340
applications
flooding attacks, 133
interception techniques, 185199
rogue, 186199
approval systems, 502
APR (ARP Poison Routing), 171
Architecture for Voice, Video, and Integrated Data (AVVID), 206207
Argyroudis, Patroklos G., 153
ARIN registry, 23
Arkin, Ofir, 37, 100, 148
ARP (Address Resolution Protocol), 3839
ARP entries, 152, 154
ARP pings , 3839
ARP Poison Routing (APR), 171
ARP poisoning attacks, 120, 156, 169185
ARP spoofing, 182, 184, 247
arping tool, 39
arpspoof tool, 182
arpwatch tool, 185
Asterisk, 323350
authentication, 347
communication IP phones and, 325
components , 324326
denial of service, 341342
deployment scenarios, 326
described, 20, 324
eavesdropping attacks, 343
enumeration, 327333, 338339
firewalls for, 338, 341, 346
flooding attacks, 339340
hard phones/communication devices, 325
IAX channels, 346347
interception attacks, 343
management systems, 326
media gateways, 325
network attacks, 339343
network reconnaissance, 326327
NIPS, 342
nonsecure registration, 348
OS exploitation, 341342
outbound calling, 349
passwords, 343348
poor local protections , 346
port scanning, 327338
potential security weaknesses, 346349
references, 350
switches/routing, 326
toll fraud, 349
Trixbox, 326
versions of, 326, 343344
Asterisk IP PBX, 324325, 329332, 492500
Asterisk Manager interface, 326, 347348
Asterisk User Forum, 20
Asterisk Web Voicemail, 344345, 349
Asterisk@Home, 344
ATA (Analog Telephone Adapter), 325
attacks
802.1Q tagging, 155
ARP poisoning, 120, 156, 169185
audio insertion/mixing, 480
DDoS, 130136
DHCP exhaustion, 141145
DNS cache poisoning, 145
DNS interrogation , 2327
DoS. See DoS (denial of service) attacks
eavesdropping. See
eavesdropping attacks
flooding. See flooding attacks
interception. See interception attacks
ISL tagging, 155
man-in-the-middle. See MITM attacks
network. See networking-based attacks
packet, 130
phishing, 454, 505516
redirection, 186, 456460
signaling. See signaling attacks
smurf , 133
sniffing. See sniffing attacks
SYN flood, 10, 132133, 146
TCP SYN flood. See TCP SYN flood attacks
UDP flood. See UDP flooding attacks
audio
content filtering, 502
G.711, 65
mixing in, 194196
replacing, 194196
RTP, 65
u-law, 471475
audio codecs, 65
audio insertion/mixing attacks, 480
audio jitter buffer, 66
AUDIX Voicemail System, 314
authenticated identity, 501
authentication
802.1x port, 246
Asterisk, 347348
CCM, 248250
SIP proxy, 407409, 466, 470471
SIP systems, 434
SPIT, 501
TCP SYN flood attacks, 413414
authtool tool, 440445
AutoQoS feature, 240241
availability. See network availability
Avaya 4602 phone, 337338
Avaya Communication Manager (ACM), 251321
basic components, 253263
communication devices, 256257
default system passwords, 312, 313318
deployment scenarios, 259263
disabling unnecessary ports, 312
DoS attacks, 308310
enumeration, 287295
exploiting network, 296311
flooding attacks, 296308
management systems, 258259
media gateways, 254256
media servers, 253254
network reconnaissance, 264295
NIPS, 310
OS exploitation, 308310
overview, 251253
patch management, 309310
references, 320321
secure file download, 320
SNMP enumeration, 288295
switching infrastructure, 259
telnet and, 311312
Avaya devices, 256257, 264
Avaya IP Softphone, 352
AVVID (Architecture for Voice, Video, and Integrated Data), 206207


Hacking Exposed VoIP. Voice Over IP Security Secrets & Solutions
Hacking Exposed VoIP: Voice Over IP Security Secrets & Solutions
ISBN: 0072263644
EAN: 2147483647
Year: 2004
Pages: 158

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net