1. DoS (Denial of Service)
- TCP SYN/ACK flooding, UDP flooding
- VoIP flooding(INVITE, OPTIONS, REGISTER and so on)
- Check Sync Reboots : Phone reboot using Check-Sync message.
- Session Teardown : Fabricate CANCEL, BYE message ->It makes call end by force.
2. Hijacking
- First, remove the normal user using fake or malicious REGISTER message. After that, by registering hacker's information as user so the hacker can hijack the calls.
-By fabricateing 301(Moved Permanently), 302(Moved Temporarily) reply message , the call would be redirected to the hacker.
3. Scanning
- Directory Scan : Fabricate the request(REGISTER) message, so the hacker can find out the user information by getting the response.
4. Social Engineering
- Caller-ID spoofing : Fabricate Caller-ID which is in VoIP packet, so the callee only can see the wrong information through the phone.
- VoIP Spam (SPIT) : spam call
- VoIP Phshing (Voice Phishing)
'Information Security > Information.Security' 카테고리의 다른 글
| RADIUS(Remote Authentication Dial In User Service) (0) | 2012.05.24 |
|---|---|
| SHA (Secure Hash Algorithm) (0) | 2012.04.16 |
| Install Asterisk with TLS (1) | 2012.04.16 |
| Openssl- How to set the ciphers? (0) | 2012.04.16 |
| Openssl (0) | 2012.04.16 |