Professional Documents
Culture Documents
Voice over internet Protocol (VoIP) also called IP telephony, is a technology that allows you to make
calls using a broadband internet connection instead of a regular phone line (PTSN). Broadband telephony
specifically refers to the provision of communications services (voice, fax, SMS) over the internet.
Example of VoIP are Skype, Google talks and windows live messenger.
VoIP service providers do more than establish calls. They perform routing ongoing and incoming calls
through existing telephone networks. Land lines and cell phones depend on the public switched
Telephone line (PSTN). VoIP converts your phone calls into data and is sent over the internet. You can
use the Ethernet cables or skip them if you have a strong WI-FI signal. It does so at a much lower cost
than older telephone systems. Voice over IP has many advantages over traditional phone service.
For phone calls, the conversation is exchanged using small data packets. The internet can send these data
packets around the world in less than a second. For internet telephony, these packets travel between your
phone and a VoIP provider.
A VoIP systems facilitates calls between other phones or over to another telephone company. It also
provides other useful functions like voicemail, call forwarding, call recording, and more.
Security on IP telephony
IP allows not only centralized architectures but also distributed ones which is where the advantage comes
when compared to land line networks. As VoIP grew many standards were created. There are advantages
and disadvantages with both architectures although distributed is favored nowadays due to its flexibility
and compatibility with the internet. Having many different architectures allow companies and service
providers to choose what best suit their requirements, demands and price.
Most VoIP services nowadays do not offer any sort of encryption making VoIP insecure;
o Implementing encryption on VoIP is another problem as the more complex algorithms will lower
the quality of the call and cause further latency, if not well planned.
o A hacker can use sniffer or other publicly available hacking tools to modify, identify, store and
play back voice traffic transmitted over IP network. The hacker can have access to users’ call and
determine the identity of the caller.
o Another security breach of VoIP is eavesdropping, where a hacker can listen to the
communicating parties.
o Despite the facts that the end user equipment is deployed on an internal protected network, the
endpoints are not individually protected by the network firewall and maybe threatened.
o Softphone software installed on the endpoint may have vulnerabilities in the operating system
(OS) it is running on. The operating system should be installed with an anti-virus software, virus
detection host-based firewall or host-based intrusion detection.
o The PSTN media gateway is also vulnerable to attacks; IPsec can be used to prevent interference
with user call and to prevent unauthorized call from being set up.
Many security requirements are needed to secure VoIP service and application. There include:
Protection of privacy of call conversation.
Authentication of calls and end points protection from insecure of network resources.
Ensuring of correct billing by the service provider and protection of billing information form
authorized access.
Protections of caller behavior or statistical information from authorized access.
Protection of network servers and endpoints from well-known threat and man in the middle
attacks.