[VOIPSEC] VoIP and Fraud, IP endpoint auth

Coulombe, Anne L Anne.Coulombe at enterasys.com
Tue Feb 15 12:15:10 CST 2005


Michael, Geoff,

You touch upon an interesting point about IP endpoint authentication. 

This could easily be the subject of a new thread - access control for
authentication/detection of the endpoint on a network (credential and
identity), authorization of that device (to be there, to make a SIP
call, call to what server, etc), as well as usage policy once
authenticated/authorized (security, QoS, CoS, network predictability
during a threat event). 
Even with access, proactive protection of the devices and dynamic
response architecture can kick in and quarantine a user/device that is
attempting to make unauthorized use of the VoIP system. How do you know?
Might be behavior, user authentication (or device level auth), protocol,
other. Hence shutting down possible voice fraud or impersonation at the
source. What I am suggesting is that it is not only within the VoIP
system itself...protection is also about getting into/onto the network
and the VoIP system. 

AnneC
p.s. Not all infrastructure/security vendors are like Cisco :-)

-----Original Message-----
From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On Behalf Of Michael Todd
Sent: Tuesday, February 15, 2005 11:50 AM
To: Geoff Devine
Cc: Voipsec at voipsa.org
Subject: Re: [VOIPSEC] VoIP and Fraud

I think that endpoint authentication is a big problem by definition in 
the IP Telephony world right now. End users do not want to authenticate 
to make a call. The average user has a lifetime's expectation set for 
what telephony use should "feel like." Authentication before calling 
isn't one of these expectations. Authentication in computer use is 
expected as the technology is relatively new to end users. Expectations 
have been set for authentication requirements. Due to this, many 
vendors, such as Cisco, have completely disregarded endpoint 
authentication, especially at the infrastructure or switch level.

Geoff Devine wrote:

>Mark Fletcher fletch at nortel.com writes:
>
>>There are many potential areas, but one that concerns me is the ability for
>>a user to easily spoof their Caller ID. Typically this has only been
>>available to administrators of a PBX with PRI circuits. Many call this
>>'security via obscurity'. By spoofing CLID, a caller could raise havoc with
>>Emergency Services and the national E9-1-1 system, or use a spoofed CLID to
>>socially engineer people into giving up personal information.
>
>The issue here is that endpoints can't be trusted.  Endpoints can only
>be authenticated.  A PBX running Primary Rate ISDN is quite different
>from a mass market subscriber SIP endpoint somewhere out there in the
>world.  You should not _trust_ that device to give you accurate
>CallerID.  The device is portable so you should use its routable IP
>address to obtain physical location rather than _trust_ it to tell you
>where it is.  To create a secure service, you can't blindly pass SIP
>messages around as a lightweight SIP Proxy.  You have to adopt a more
>hardened Back2Back User Agent model where you understand exactly what
>the endpoint is signaling and have the ability to police the signaling.
>
>Geoff
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Voipsec mailing list
>Voipsec at voipsa.org
>http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>  
>
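
As an added example, not code from any poster in this thread: a check a Back2Back User Agent could run on an endpoint's INVITE before building the outbound leg, replacing the endpoint-supplied caller ID with the one provisioned for the authenticated account. The account table, domain, phone numbers and the function name `police_invite` are assumptions constructed for illustration; `P-Asserted-Identity` is the RFC 3325 header.

```python
import re

# Constructed provisioning table: authenticated SIP account -> caller ID the
# operator assigned to it (hypothetical values).
PROVISIONED = {"alice-dev-01": "+15555550100"}

# Constructed INVITE from an endpoint claiming a caller ID it does not own.
SAMPLE_INVITE = (
    "INVITE sip:+15555550199@example.test SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bKconstructed\r\n"
    "From: \"Emergency Desk\" <sip:+15555550911@example.test>;tag=1\r\n"
    "To: <sip:+15555550199@example.test>\r\n"
    "Call-ID: constructed-1@192.0.2.10\r\n"
    "CSeq: 1 INVITE\r\n"
    "P-Asserted-Identity: <sip:+15555550911@example.test>\r\n"
    "Content-Length: 0\r\n\r\n"
)

FROM_USER = re.compile(r"<sips?:([^@>;]+)@")

def police_invite(raw, auth_user, domain="example.test"):
    """Return (policed_message, findings); message is None if rejected."""
    assigned = PROVISIONED.get(auth_user)
    if assigned is None:
        return None, ["reject: unknown account"]
    head, _, body = raw.partition("\r\n\r\n")
    out, findings = [], []
    for line in head.split("\r\n"):
        name = line.split(":", 1)[0].strip().lower()
        if name == "p-asserted-identity":
            # Only the operator asserts identity, never the endpoint.
            findings.append("stripped endpoint-supplied " + name)
            continue
        if name in ("from", "f"):
            m = FROM_USER.search(line)
            claimed = m.group(1) if m else None
            if claimed != assigned:
                findings.append(f"caller ID {claimed} replaced with {assigned}")
            tag = re.search(r";tag=[^;\s]+", line)
            # Display name is dropped too: it is also endpoint-controlled.
            line = f"From: <sip:{assigned}@{domain}>" + (tag.group(0) if tag else "")
        out.append(line)
    out.append(f"P-Asserted-Identity: <sip:{assigned}@{domain}>")
    return "\r\n".join(out) + "\r\n\r\n" + body, findings
```

The findings list is what a detection pipeline would log: repeated replacements from one account are a signal of attempted caller ID spoofing.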

