[VOIPSEC] Solutions in addressing SPIT (Spam over Internet Telephony)

Christopher A. Martin chris at sip1.com
Thu Feb 17 22:47:58 CST 2005


Regarding VoIP being no different from PSTN, VoIP is vastly different if
left unchecked in terms of scale... to attack the PSTN you are still talking
about a serial attack... one call after another (no choice, there is only one
physical line to the caller)... in the IP world many calls can be placed
against a single target and starve resources at a greater rate than a simple
dialer could in the PSTN world.

The risk is DDoS or SPAM depending on the VoIP endpoint's capabilities... and
if you couple it with voicemail (IP enabled) then even if the VoIP endpoint
cannot answer more than one call, the voicemail boxes can typically keep on
answering many spam calls concurrently to the limit of bandwidth and
hard drive capacity.

________________________________

Christopher A. Martin
P.O. Box 1264
Cedar Hill, Texas 75106
 
 

-----Original Message-----
From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
Behalf Of Russell Howe
Sent: Tuesday, February 15, 2005 2:40 PM
To: VOIPSEC
Subject: Re: [VOIPSEC] Solutions in addressing SPIT (Spam over
InternetTelephony)

On Thu, Feb 10, 2005 at 04:05:30PM +0200, Diana Cionoiu wrote:
> IMHO, VoIP is no different from PSTN regarding SPAM.

I'd be inclined to think it'd be more like email regarding spam, so long
as messaging to internet-connected systems is free. It only takes a few
VoIP gateways to be misconfigured (accidentally or maliciously) and you
have a VoIP equivalent of an open relay.

I'm assuming here that the common configuration will be for somebody to
require authentication in order to initiate a call, of course - if it
would be more like email, where you have an easy way to find out which
destinations are likely to be accepted by a particular host (i.e. MX
records for SMTP) then I can't see what's to stop a host from just
calling up users once it has a list of numbers.

Of course, an open VoIP relay might attract more attention, since it
would likely be used to place chargeable calls from, which is presumably
likely to get noticed.

I can just picture the kiddies jumping up and down in glee as they
realise not only can they use internet-type attacks, but also combine
them with 'phreaking'-type attacks.

-- 
Russell Howe       | Why be just another cog in the machine,
rhowe at siksai.co.uk | when you can be the spanner in the works?
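
The serial-versus-concurrent distinction raised at the top of this message can be checked from call records. The following is an added example, not part of the original thread: it computes the peak number of simultaneous calls per destination and flags any destination above a cap. The record layout, the sample URIs and the function names are assumptions made for illustration.

```python
# Added example: flag destinations receiving more simultaneous calls than a cap.
# The record layout (caller, callee, start_s, end_s) is an assumption,
# not a real CDR format.
from collections import defaultdict

# Constructed sample records: (caller, callee, start_second, end_second)
SAMPLE_CALLS = [
    ("sip:a@example.net", "sip:vm-1001@example.org", 0, 30),
    ("sip:b@example.net", "sip:vm-1001@example.org", 1, 31),
    ("sip:c@example.net", "sip:vm-1001@example.org", 2, 32),
    ("sip:d@example.net", "sip:vm-1001@example.org", 40, 70),
    ("sip:e@example.net", "sip:1002@example.org", 0, 30),
    ("sip:f@example.net", "sip:1002@example.org", 30, 60),  # back-to-back, serial
]

def peak_concurrency(calls):
    """Return {callee: peak number of simultaneously active calls}."""
    events = defaultdict(list)
    for _caller, callee, start, end in calls:
        if end <= start:
            continue  # skip zero-length or malformed records
        events[callee].append((start, 1))
        events[callee].append((end, -1))
    peaks = {}
    for callee, evs in events.items():
        # Sort ends before starts at the same timestamp so that
        # back-to-back calls count as serial, not concurrent.
        evs.sort(key=lambda e: (e[0], e[1]))
        active = peak = 0
        for _t, delta in evs:
            active += delta
            peak = max(peak, active)
        peaks[callee] = peak
    return peaks

def flag_targets(calls, max_concurrent=1):
    """Callees whose peak concurrency exceeds the cap (1 models one PSTN line)."""
    return sorted(c for c, p in peak_concurrency(calls).items() if p > max_concurrent)

if __name__ == "__main__":
    for callee, peak in sorted(peak_concurrency(SAMPLE_CALLS).items()):
        print(f"{callee}: peak {peak} concurrent call(s)")
    print("over cap:", flag_targets(SAMPLE_CALLS))
```

With the cap left at 1, only the voicemail destination that answered three overlapping calls is flagged; the destination that received two back-to-back calls is not.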
