The Virtual Bookcase for browsing and sharing reviews of books. New to this site? Read the welcome page first.

The Virtual Bookcase Home
Recent reviews
Collected book news
Welcome to this site

Stopping with this site

I am stopping with this site. If you want to take over the site with domain name get in touch, e-mail address below.

Book details of 'Practical VoIP Security'

Cover of Practical VoIP Security
TitlePractical VoIP Security
Author(s)Thomas Porter, Jan Kanclirz Jr.
PublishedMarch 2006
PublisherSyngress Publishing
Web links for this book
Search at
Wikipedia booksources
Shop for this book
As an Amazon Associate I earn from qualifying purchases

Back to shelf Computer networks
Back to shelf Computer security

Score: score: 5.0 *****  Vote for this book

The Virtual Bookcase Reviews of 'Practical VoIP Security':

Reviewer Rob Slade wrote:
VoIP (Voice over Internet Protocol) is something of the new kid on the technology block, and computer folks may have limited experience with telephony. It therefore seems a bit strange that chapter one, as an introduction to VoIP security, starts out by talking about computer security and attacks. However, the structure of the book is rather odd in any case. The basics of telephony, and the Public Switched Telephone Network (PSTN), are not covered until chapter four. Even then, while there is some useful trivia, most of the content is a list of telephony protocols. Chapter three covers some of the basic hardware and element information, discussing PBX (Private Branch eXchange) systems, VoIP components, and even power supplies. That material, in turn, would be helpful to those who try to understand chapter two, which is supposed to be about the Asterisk PBX software package. Although the text purports to deal with configuration and features of Asterisk, most of the section's content covers PBX operations and functions, dial plans, telephony numbering plans, and even a terse piece on the vital aspect of circuit versus packet switching. With chapter five, the book moves into some of the specifics of VoIP, discussing H.323, a protocol to specify data formats that is used extensively in commercial IP telephony products. SIP, the Session Initiation Protocol (used to negotiate interactive sessions over the net), gets a more detailed treatment (along with examination of related protocols) in chapter six. Other IP telephony architectures are briefly listed in chapter seven: the very popular Skype, H.248, IAX (Inter Asterisk eXchange), and Microsoft's Live Communications Server 2005 (MLCS). Diverse protocols used in support of VoIP are discussed in chapter eight. Most of these are commonly used in other Internet applications: some; such as RSVP (Resource reSerVation Protocol), SDP (Session Description Protocol), and Skinny; are more specialized. All the listed protocols have some review of security implications, which marks the first time in the book that security seems to be a major issue. Chapter nine examines specific threats and attacks, mostly related to denial of service and hijacking. Securing the infrastructure used for VoIP is important, although the material in chapter ten is fairly standard information security. Chapter eleven reviews a number of ordinary authentication tools that are frequently used in VoIP. "Active Security Monitoring," in chapter twelve, is the traditional intrusion detection and penetration testing, and has nothing specific to IP telephony applications. Similarly, chapter thirteen examines normal traffic management and LAN segregation issues: the only telephony related content is in regard to VoIP aware firewalls. The IETF (Internet Engineering Task Force) has recommended certain existing security protocols in regard to IP telephony, and one addition (SRTP, Secure Real-time Transfer Protocol): these are outlined in chapter fourteen. Chapter fifteen lists various (United States) data security related regulations and the European Union privacy directive. The IP Multimedia Subsystem (IMS) structure is reviewed in chapter sixteen. Chapter seventeen repeats the recommendations made in chapters ten through fourteen. It is handy to have a number of the issues related to VoIP addressed in one work. There is some depth to the content of the text as well, and those dealing with system internals may find that useful. However, for those who need to manage or make policy or purchasing decisions in regard to VoIP, this book may not have the forcefulness of complete analysis, or a structure that would assist in learning the background. While there is a considerable amount of helpful information, it reads more like an accumulation of miscellaneous facts than a directed study. copyright Robert M. Slade, 2006

Add my review for Practical VoIP Security

Book description:

Your Hands-On Guide to Voice over IP (VoIP) This book was written for the thousands of IT professionals-from CIOs to circuit-switched telecom engineers-who are now responsible for deploying and maintaining secure VoIP networks. The book explains the impact on your VoIP network of PSTN, SIP, H.323, firewalls, NAT, encryption, and the regulatory environment. Coverage includes evaluation, design, integration, and management of VoIP networking components, including IP telephones, gateways, gatekeepers, registration servers, media servers, and proxy servers. Throughout the book, the authors rely on their extensive real-world experience to provide readers with practical applications and solutions. * VoIP Isn't Just Another Data Protocol IP telephony uses the Internet architecture, similar to any other data application. However, from a security administrator's point of view, VoIP is different. Understand why. * What Functionality Is Gained, Degraded, or Enhanced on a VoIP Network? Find out the issues associated with quality of service, emergency 911 service, and the major benefits of VoIP. * The Security Considerations of Voice Messaging Learn about the types of security attacks you need to protect against within your voice messaging system. * VoIP and the Public Switched Telephone Network (PSTN) Understand PSTN: what is it, and how does it work? * VoIP Communication Architectures See how products like Skype, H.248, IAX, and Microsoft Live Communications Server 2005 * The Support Protocols of VoIP Environments Learn the services, features, and security implications of DNS, TFTP, HTTP, SNMP, DHCP, RSVP, SDP, and SKINNY. * Securing the Whole VoIP Infrastructure Your guide to Denial-of-Service attacks, VoIP service disruption, call hijacking and interception, H.323-specific attacks, and SIP-specific attacks. * Authorized Access Begins with Authentication Learn the methods of verifying both the user identity and the device identity in order to secure a VoIP network. * Secure Internet Mail See how S/MIME provides cryptographic security services for electronic messaging applications.

Search The Virtual Bookcase

Enter a title word, author name or ISBN.

The shelves in The Virtual Bookcase

Arts and architecture (25)
Biography (24)
Business and Management (120)
Cars and driving (53)
Cartoons (45)
Children's books (180)
Computer (475)
Computer history/fun (113)
Computer networks (382)
Computer programming (215)
Computer security (272)
Cook books (89)
Fantasy (154)
Fiction (446)
Health and body (71)
History (138)
Hobby (37)
Horror (65)
Humorous books (52)
Literature (57)
Operating systems (94)
Outdoor camping (162)
Outdoors (236)
Politics (85)
Privacy (61)
Psychology (55)
Religion (17)
Science (113)
Science Fiction (156)
Self-help books (56)
Technology (14)
Travel guides (308)
War and weapons (29)
World Wide Web (213)
Zen (5)
Other books (89)

The Virtual Bookcase is created and maintained by Koos van den Hout. Contact e-mail
Site credits
Copyright © 2000-2022 Koos van den Hout / The Virtual Bookcase Copyright and privacy statement