Presentation on theme: "A Survey of VoIP Security Practices in Higher Education"— Presentation transcript:
1. A Survey of VoIP Security Practices in Higher Education
Network Security Effective Practices - VoIP: SIP, H.323
H. Morrow Long
Director, Information Security
Yale University
Educause 2007 Annual Conference Session
Wednesday, October 24, :30 a.m. - 12:45 p.m.
- 8:00 a.m. Registration
- 8:30 a.m. Introduction and Overview to Seminar
- 9:00 a.m. Creating a Security Risk-Aware Culture
- 9:30 a.m. Defining Institutional Data Types
- 10:15 a.m. Break
- 10:30 a.m. Reducing Access to Data Not Absolutely Essential
- Noon Lunch
- 1:00 p.m. Establishing and Implementing Stricter Controls
- 2:00 p.m. Providing Awareness and Training
- 2:30 p.m. Verifying Compliance
- 2:45 p.m. Break
- 3:00 p.m. Putting it All Together: Moving from Planning to Action
- 4:00 p.m. Wrap-Up
- 4:30 p.m. Adjourn
2. Introductions
- Krizi will bring BINGO sheets and light-up bouncy balls as a prize
- 5 minutes to go over the implications of the BINGO categories
- Flip Chart the type of functions
- Flip Chart what folks want to get out of the session
3. Overview
This presentation will discuss a survey and informal poll of the current campus network VoIP security practices and products in higher education on both wired and wireless networks.
4. Agenda
- Introduction
- What is VoIP?
- VoIP Threats
- VoIP Security Checklists
- VoIP Effective Practices in Higher Ed
- Survey of VoIP Security in Academia
- Discussion and Questions
5. VoIP Security Goes Mainstream
In 2006, VoIP Security entered the SANS Top 20 for the first time:
- N1 VoIP Servers and Phones
8. What is VoIP?
- Voice over IP
- IP Telephony
- Converged Data/Voice Networking
- Unified Messaging
9. What is VoIP?
- 2 Major Protocols:
  - SIP / SIPS
- Popular Internet VoIP
  - Proprietary
    - Skype
    - Vonage
- Other
  - Zfone/ZRTP (Phil Zimmermann)
- Internet Standards related to VoIP Security:
  - IPSEC
  - SSL/TLS
  - SRTP (RFC3711)
10. H.323 and SIP
The 2 Major (Local and Enterprise) VoIP Protocols:
- Both protocols:
  - Are hard (but not impossible) to firewall
  - Were not designed for security…
  - Use separate signaling and media (content) channels
  - Use dynamic ports
  - Were not designed to be NAT “friendly” (embed IP addresses inside signaling/control information)
- But: H.323 is more like ISO X. protocols (uses ASN.1/PER) and SIP is more like Internet FTP/SMTP/HTTP/NNTP.
11. H.323
- Older protocol than SIP, implemented earlier
- ITU Umbrella Standard - built of other H stds
- First VoIP std to use RTP
- Interoperates with ISDN PBX systems
- Used by several voice and videoconferencing systems
- Built into NetMeeting, other commercial and open source programs available
- GNU Gatekeeper - accounting/authorization/NAT traversal/H.323 proxy/H.235 security
12. H.235 Security
- H.235 provides security for H.323
- Optionally nine security profiles can be used to apply one or more of six security services (authentication, nonrepudiation, integrity, confidentiality, access control, key management) to H.225, H.245 and RTP traffic.
13. “Skinny” - Cisco H.323
- “Skinny” is Cisco’s lightweight proprietary version of H.323.
- SCCP is the acronym for Skinny Client Control Protocol.
- It is a lower overhead control protocol between the client and Call Manager.
14. SIP - Session Initiation Protocol
- Overtaking H.323 on LANs - many clients.
- Created SIP 2.0 defined in RFC 2543 (1999) -- refined in RFC 3261 (2002).
- Lightweight, text-based protocol run on top of UDP or TCP (e.g. port mod P2P model.
- Uses HTTP “style” status codes & addresses.
- Interoperates with XMPP IM (Jabber)
- STUN & newer TURN enable SIP through NAT using public Internet servers.
- Uses other protocols: SDR, RTP, MGCP, RTSP.
- Can be stateful/less, client/server or P2P.
15. SIP/RTP Architecture
[Figure: protocol stack diagram. Layers shown: VoIP User-Agent; RTP, SIP; SRTP, TLS; UDP and TCP; IP; Data Link Layer]
Credit: Practical VoIP Security, Syngress
16. SIPS - Secure SIP
- SIP RFC 3261 (2002) defines Secure SIP -- a security mechanism using TLS (Transport Layer Security) to send SIP messages over an encrypted channel.
- Fairly new, competes with IPSEC, VPNs, SRTP -- often referred to as SIP with TLS -- used when IPSEC is overkill or SIP proxies must be used.
17. SRTP
- Adds message encryption, authentication, integrity and replay protection to RTP
- Sister to SRTCP (Secure RTP Control Proto)
- SRTP/SRTCP encryption, authentication and integrity are independent and can be disabled (“Null” encryption).
- Single Cipher (AES), 2 modes (counter & feedback modes)
- External Key mgt (ZRTP, Mikey, …)
18. SRTP Interoperability
- Hard IP Phones
  - Avaya, Cisco, Ericsson (&TLS), Siemens, Linksys, Snom (&TLS)
- Soft IP phones
  - Gizmo, Kphone, Snom360 (&TLS), minisip (&TLS)
- Hard IP PBX - Alcatel and Ericsson
- Soft-IP-PBX - Asterisk (SIP & H323) and pbxnsip
- SBC (Session Border Ctrlr) / SIP Firewall
  - Covergence (& SIP & H323)
  - InGate (SIP aware firewall)
19. Zfone/ZRTP
- Created/driven by Phil Zimmermann
- 2nd attempt (PGPfone)
- Designed to work with current SIP phone programs (via plug-ins).
- Zfone is the program.
- ZRTP is an extension to RTP (Real-time Transport Protocol) providing secure real-time transport to secure sessions (SIP, H.323, etc.) already established.
- Keys are transmitted and managed outside the std signaling.
- Protection against MitM (Man in the Middle) attacks.
20. Skype
- Peer to Peer Model
- Supernodes route traffic for other calls
- Can be blocked and bandwidth managed
- Outlawed at some institutions
- Proprietary strong encryption
- Non-CALEA compliance?
21. More VoIP Terminology
- “Presence” (R U there?)
- Convergence (Data + Voice = Synergy)
- Voice Messaging
- Unified Messaging Systems
22. More VoIP Acronyms
- ACD: Automatic Call Distribution (Call Ctr)
- IVR: Interactive Voice Response
- ICE: Interactive Connectivity Establishment
- RSVP: Resource Reservation Protocol
- RTSP: Real Time Streaming Protocol
- SDP: Session Discovery Protocol
- STUN: Simple Traversal of UDP through NAT
- TLS: Transport Layer Security (ala SSLv3)
- TURN: Traversal Using Relay NAT
- TTS: Text-to-speech server
23. Non-Cyber Security-related VoIP Issues
- 911 - where does 911 ring?
- E need to provide location information?
- Emergency access - during network or power outages
  - Use Power-over-Ethernet (PoE AKA IEEE 802.3af) cabling
  - Provide at least the minimal # of land lines per # rooms (e.g. or as required by law)
25. VoIP System Components
- Media Gateways -- e.g. to PSTN/PBXes
- Endpoints (User Agents): softphones, IM/Video/VoIP/ATA (Analog Telephone Adapter)
- Media Servers (VM, ACD, IVR, TTS, VC)
- H.323 Gatekeepers
- SIP Registration, Redirect Servers
- SIP Proxy Servers
- Firewalls/ALGs
26. VoIP Threats
- VoIP networks have many of the same threats to security, privacy and reliability as data networks do, but they also bring in the problems of the telephone system and have some special threats all their own.
- Converged networks can combine threats from the data and VoIP world -- making the new network less secure (in the opinion of some).
- Data network people are afraid VoIP infrastructure will weaken the security of their data network, and the voice/telecom people feel the same about data / IP networks.
27. Other VoIP Architectures
- Skype
- IAX
- H.248
- Microsoft Live Communication Server 2005 (MLCS)
  - TLS between client and server
  - Mutual TLS server-to-server
28. VoIP vs. PSTN
- Remember that “POTS” telephones have little security -- ordinary phone conversations are not encrypted and can be tapped or eavesdropped.
- You can actually have better security using VoIP IF you use strong encryption (and a good implementation).
29. VoIP Threats
- DDoS / DoS Attacks
  - ICMP Flood (e.g. ‘pings’) to Phone or Call Mgr
- Unauthorized Access
- Toll Fraud
- Voicemail hacking
- Eavesdropping (Call and/or Control)
- Call Hijacking
- Application Level Attacks
Credit: Juniper Networks
30. IP Network Threats
- Ethernet, IP and DNS address spoofing
- ARP and DNS Cache Poisoning
- Quantity-based packet flooding
- Stack DoS attacks
- VLAN “jumping”
- QoS / prioritization attacks
31. Organizing VoIP Threats
Standard IP Network Threats (to the CIA triad)
- C - Confidentiality
- I - Integrity
- A - Availability
32. Organizing VoIP Threats
Advanced IP Network Issues/challenges (triple A)
- A - Authentication
- A - Authorization
- A - Accounting
33. Application-Specific VoIP Threats
- “Phone” spoofing - registering a SIP client with someone else's identifier (no auth.).
- A successful attack would cause the similarly registered phone to ring when someone called the legitimate owner of the number.
Credit: Jeremy George, Yale University
34. Threat to Confidentiality
- Programs exist to listen to SIP and other VoIP streams (and record them).
- It is possible to capture packets on switched networks (by overflowing ARP tables, poisoning ARP caches, etc.).
- Encryption should be used but has side-effects: on latency, on sound quality (packetization and compression chunking can lead to clipped staccato speech).
35. Application-Specific VoIP Threats
- Caller-ID / ANI “Spoofing” (faking source #)
- Trivial to do -- don’t trust Caller-ID -- OK to screen w/
Credit: Jeremy George, Yale University
36. Threat to Integrity
- It is possible to ‘hijack’ sessions.
- It is possible to modify voice over IP streams.
- Once again, use encryption (or at least cryptographic integrity checks) to prevent this.
37. Application-Specific VoIP Threats
- MitM “spoofing”
- CALEA is a ‘legit’ application of this.
- DoS attacks are known immediately by communicating parties
- Call content is neither overheard nor compromised.
- Some proxies have logic in them that identifies a likely DoS attack and discards those packets (ask your vendor!).
- Encryption is the best protection against MitM spoofing.
Credit: Jeremy George, Yale University
38. Threats to Availability
Quality of Service (QoS) problems:
- Latency - time for traffic to go from source to destination (one-way and round-trip). 150ms is Max RTT for PSTN. VoIP at 400ms is at outer limit of tolerable range.
- Jitter - variability in latency and out-of-order packet arrival times. Buffering can help here.
- Packet Loss - results in gaps in communication.
39. Application-Specific VoIP Threats
- “Special” DoS (Denial of Service) attacks
  - high volume flood of SIP INVITEs
  - high volume flood of SIP REGISTER commands
- Control Packet / Call Data Floods
- Packet Replay / Injection / Modification
Credit: Jeremy George, Yale University
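Added example (not from the original slides): a sliding-window counter that flags a source sending more INVITE or REGISTER requests than a set limit, the kind of check a SIP-aware proxy or IDS can apply to the floods listed above. The event tuples, addresses, window and limit are constructed assumptions.

```python
from collections import defaultdict, deque

def detect_sip_floods(events, window=1.0, limit=20,
                      methods=("INVITE", "REGISTER")):
    """events: time-ordered (timestamp_seconds, source_ip, sip_start_line).

    Returns {(source_ip, method): timestamp} for the first moment a source
    exceeded `limit` requests of that method within `window` seconds.
    """
    recent = defaultdict(deque)  # (src, method) -> timestamps still in window
    alerts = {}
    for ts, src, start_line in events:
        parts = start_line.split()
        # Requests read "METHOD uri SIP/2.0"; responses begin with "SIP/2.0".
        if len(parts) != 3 or parts[2] != "SIP/2.0" or parts[0] not in methods:
            continue
        key = (src, parts[0])
        q = recent[key]
        q.append(ts)
        # Drop timestamps that have aged out of the window.
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) > limit and key not in alerts:
            alerts[key] = ts
    return alerts

def sample_events():
    """Constructed traffic: one phone re-registering, one flooding source."""
    ev = [(t * 30.0, "10.20.0.15", "REGISTER sip:voip.example.edu SIP/2.0")
          for t in range(4)]
    ev += [(5.0 + i * 0.01, "10.20.9.99",
            "INVITE sip:1000@voip.example.edu SIP/2.0") for i in range(50)]
    ev.append((5.2, "10.20.9.99", "SIP/2.0 200 OK"))  # response, ignored
    return sorted(ev)

if __name__ == "__main__":
    for (src, method), ts in detect_sip_floods(sample_events()).items():
        print(f"{src} exceeded the {method} limit at t={ts:.2f}s")
```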
40. Application-Specific VoIP Threats
- “BID attacks on SIPS”
- Get SIPS devices to downgrade to ordinary SIP
Credit: Jeremy George, Yale University
41. Application-Specific VoIP Threats
- Rogue SIP Proxies
- Impersonate a proxy to a User-Agent
Credit: Practical VoIP Security, Syngress
42. VoIP Security Checklist
Practical VoIP Security “high level short list”:
- Create, publish and enforce security policies.
- Practice rigorous physical security.
- Verify user identities.
- Actively monitor logs, firewalls & IDSes.
- Logically segregate data & voice traffic.
- Harden OSes.
- Encrypt whenever and whatever you can.
43. VoIP Security Checklist
Juniper Best Practices Security Measures
1. Maintain Current Patch Levels
2. Install a Good Anti-Virus System and Update it Regularly
3. Apply State-of-the-Art Intrusion Detection and Prevention Systems
4. Install Application-Layer Gateways between Trusted and Untrusted Zones.
5. Enforce SIP security by means of Authentication, Authorization and IPSec
6. Establish Policy-Based Security Zones to Isolate VoIP Segments.
7. Run VoIP Traffic on VPNs to Minimize Eavesdropping Risk on Critical Segments.
8. Use VLANs to Prioritize and Protect Voice Traffic from Data Network Attacks
9. Apply Encryption Selectively
10. Protect Against UDP Flooding
11. Develop a Holistic Security Program
44. Meta Group Checklist
IP Telephony-Specific Security Features
The Call Control Server:
- Harden/Strip down OS.
- Use secure OS.
- Authenticate & authorize all user & device access to servers.
- Require strong authentication for all configuration and software upgrades.
- Should support app level signaling message auth.
- Should support call setup info encryption.
45. Meta Group Checklist
IP Telephony-Specific Security Features
The Voice Gateway:
- Require strong authentication for all configuration and software upgrades.
- Provide DoS protection on IP interface.
- Should be configured to route calls only via the call control server.
- Secure OS w/anti-virus AND host-based IDS.
- Should support call setup info and media (voice content) encryption.
- Should support a media (voice content) protocol authentication on a per-packet basis.
46. Meta Group Checklist
IP Telephony-Specific Security Features
The IP Phone:
- Must authenticate itself to the call control server or a proxy server upon initial registration.
- Must support strong authentication for any remote configuration and software upgrades.
- Should support a configurable access control list to control any incoming traffic (e.g. H.323/SIP, RTP, HTTP, FTP, DHCP).
- When supporting an additional Ethernet port for PC connectivity, should have this implemented via a switching function combined with VLAN functionality.
- Should support encryption of both call setup info and media as needed. Using encryption can add an additional end-to-end delay on each media packet.
47. VoIP Security Checklist
Detailed and Specific list:
- Use a separate VLAN with 802.1p/q QoS w/priority VLAN tagging for the VoIP network.
- Use a private (RFC1918) IP network for the VoIP LAN.
- Use NAT and/or proxies to hide internal addresses.
- Use a firewall (packet filtering or ALG) to protect & connect the VoIP network to the data IP network.
- Use an IDS or IPS to examine the traffic allowed through the firewall (may be built into the firewall).
- Use TLS to protect SIP and SRTP to protect RTP.
- Use NAC, 802.1X & RADIUS auth & SIP-aware FW.
48. Listservs & Newsgroups
- EDUCAUSE Security Discussion Listserv
- VOIPSA Best Practices Working Group
- VOIPSA Best Practices WG List
- NIST Publication Mailing list
- NIST: Receive immediate notification when new NIST computer security publications or news are available.
- US-CERT: Technical Cyber Security Alerts provide timely information about current security issues, vulnerabilities, and exploits.
49. VoIP Security Effective Practices in Higher Ed
One anonymous school:
- Uses separate VLAN, L2 switches and RFC1918 IP addresses for VoIP network.
- Provides separate connections (and bandwidth) to each building with VoIP.
- Softphones can participate from regular campus LAN (aren’t required to use a 2nd NIC on the VoIP network).
50. VoIP Security Effective Practices in Higher Ed
A 2nd anonymous school:
- Has enterprise Polycom gateways (a bunch of them) that have priority in QoS on the routers.
- Allows traffic via ports inbound on the above routers for this ‘legit’ traffic.
- Doesn’t restrict H.323.
- Blocks SIP and Vonage because they don’t open the inbound ports.
- Packet8 and other SIP applications which use STUN work fine (because of tunneling).
- Skype is a problem (particularly Supernodes at times).
58. VoIP Higher Ed Security Survey
Which VoIP Security mechanisms do[n’t] you use?
- Use H.235 for H.323 security profiles (for H.225, H.245 and RTP traffic).
- Use SIPS (Secure SIP - RFC SIP over TLS).
- Don't allow SRTP with null cipher (e.g. don't allow use of SRTP for just authentication).
- Use zRTP for key management.
- Use Mikey for key mgt/exchange.
- Use SDES for key exchange.
- Use SRTCP for authentication.
- Use SRTCP for encryption.
- IPSEC to secure MGC (Media Gateways/Controllers) communication.
- Use of separate physical LAN(s) for VoIP for segregation from data IP network.
59. VoIP Higher Ed Security Survey
Which VoIP Security mechanisms do[n’t] you use?
- Use of IPS between VoIP network and data IP network.
- Use of IDS between VoIP network and data IP network.
- Use NAC (network access control) such as 802.1X and RADIUS to authenticate hard phones.
- Softphones require the use of the separate VoIP network (physical LAN, VLAN, subnet address, etc.) from the data IP network.
- Softphones are allowed with IPSEC transport mode.
- Softphones are allowed with IPSEC VPNs.
- Allow NAT traversal via STUN or TURN Internet proxies.
- Provide separate dedicated bandwidth for VoIP traffic to the Internet.
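Added example (not from the original slides): an audit of a SIP INVITE and its SDP offer against the checklist item "Use TLS to protect SIP and SRTP to protect RTP" and the survey items on SIPS, SDES and SRTP with protections switched off. The messages, host names and finding labels are constructed for illustration; the session parameters checked are the SDES ones from RFC 4568.

```python
import re

def make_invite(scheme, transport, media):
    """Build a constructed INVITE with SDP (sample data, not a real capture)."""
    head = [f"INVITE {scheme}:bob@example.edu SIP/2.0",
            f"Via: SIP/2.0/{transport} 192.0.2.10;branch=z9hG4bK776asdhds",
            "Content-Type: application/sdp"]
    sdp = ["v=0", "o=alice 1 1 IN IP4 192.0.2.10", "s=-",
           "c=IN IP4 192.0.2.10", "t=0 0"] + media
    return "\r\n".join(head) + "\r\n\r\n" + "\r\n".join(sdp) + "\r\n"

# SDES session parameters (RFC 4568) that switch SRTP protections off.
WEAK_PARAMS = {"UNENCRYPTED_SRTP", "UNENCRYPTED_SRTCP", "UNAUTHENTICATED_SRTP"}

def audit_invite(raw):
    """Return sorted findings for one SIP request that carries an SDP offer."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    found = set()
    # A sips: Request-URI asks for TLS on every hop (RFC 3261).
    if not re.match(r"[A-Z]+ sips:", lines[0], re.I):
        found.add("request-uri-not-sips")
    # The Via transport shows how each hop actually carried the request.
    vias = [m.group(1).upper() for h in lines[1:]
            if (m := re.match(r"(?:via|v)\s*:\s*SIP/2\.0/(\w+)", h, re.I))]
    cleartext = any(t != "TLS" for t in vias)
    if cleartext:
        found.add("via-not-tls")
    for line in body.split("\r\n"):
        fields = line.split()
        if line.startswith("m=") and len(fields) > 2:
            # m=<media> <port> <proto> <fmt>; SRTP is RTP/SAVP or RTP/SAVPF.
            if "SAVP" not in fields[2]:
                found.add("media-not-srtp")
        elif line.startswith("a=crypto:"):
            # a=crypto:<tag> <suite> <key-params> [<session-params>]
            if WEAK_PARAMS & set(fields[3:]):
                found.add("srtp-protection-disabled")
            if cleartext:
                # The SDES master key travels in the SDP body itself.
                found.add("sdes-key-in-cleartext-signaling")
    return sorted(found)

KEY = "inline:" + "A" * 40  # constructed placeholder key material
CRYPTO = "a=crypto:1 AES_CM_128_HMAC_SHA1_80 " + KEY
STRONG = make_invite("sips", "TLS", ["m=audio 49170 RTP/SAVP 0", CRYPTO])
WEAK = make_invite("sip", "UDP", ["m=audio 49170 RTP/AVP 0"])
NULLED = make_invite("sip", "UDP", ["m=audio 49170 RTP/SAVP 0",
                                    CRYPTO + " UNENCRYPTED_SRTP"])
```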
63. Credits:
- Cisco - Configuring SIP High Availability Applications
- Jeremy George, Yale University, “SIP.edu Cookbook - Security Considerations”
- Deb Shinder, 2006/12/1, “Make a SIP-based VoIP network more secure”
- Deb Shinder, 2007/1/7, “Take a multi-layered approach to VoIP security”
- Jose J. Valdes, Jr., Colorado State University, “Voice over Internet Protocol (VoIP) Security”, Conference, ICS – Wireless Group Meeting, Tempe, Arizona, February 6, 2005
64. Credits:
- Practical VoIP Security by Larry Chaffin, Jan Kanclirz, Jr., Thomas Porter, Choon Shim, Andy Zmolek, Syngress, March 2006
- Wikipedia (pages on H.323, SIP, SRTP, ZRTP, Zfone, etc.)