Unified Communications Forensics: Anatomy of Common UC Attacks
By Nicholas Mr. Grant and Joseph II Shaw
About this ebook
Unified Communications Forensics: Anatomy of Common UC Attacks is the first book to explain the issues and vulnerabilities and demonstrate the attacks, forensic artifacts, and countermeasures required to establish a secure (UC) environment.
This book is written by leading UC experts Nicholas Grant and Joseph W. Shaw II and provides material never before found on the market, including:
• analysis of forensic artifacts in common UC attacks
• an in-depth look at established UC technologies and attack exploits
• hands-on understanding of UC attack vectors and associated countermeasures
• companion website http://secvoip.com giving readers access to the most up-to-date information on UC attacks.
- Provides key information for hackers and pen testers on the most current Unified Communications implementations
- The only book to explore and demonstrate how to work with digital artifacts from attacks within the UC environment
- Deals with UC security from multiple angles—less about theory and more about hands-on threat defense and forensics
Nicholas Mr. Grant
Nicholas Grant is an information security professional with over ten years of experience within the industry. He holds a CISSP and has an M.S. in Management of Information Systems Security from Colorado Technical Institute. He works as a Vulnerability Manager for a large financial institution and is a professor, teaching Bachelor’s and Associate-level courses at a nationally accredited university.
Book preview
Unified Communications Forensics - Nicholas Mr. Grant
1
A Brief Introduction
Abstract
This chapter is an introduction to VoIP and Network Forensics.
Keywords
VoIP; Social engineering; Forensics; VoIP attacks; Voice over IP; VoIP PenTesting; Phishing; Vishing; SMishing; SPIT; Caller ID spoofing
Introduction to Unified Communications
Protocols
Signaling
Media Session
An Introduction to Network Forensics
Network Forensics and Analysis Tools
Bro
Nftracker
Snort
Tcpdump
Tcpxtract
Wireshark
Xplico System
Security Onion: All the Tools Rolled into One
Introduction to Unified Communications
Communication is a key part of our everyday lives. Today, we communicate in ways that were not possible for the average consumer just 15 years ago. There are now multiple media by which communication can take place, from telephony to email to instant messaging to video conferencing. Since the first telephone call was made in 1876, improvements have been made in the utilization and transport of the human voice from one location to another. With its promise of lower costs and enhanced features, VoIP has been on almost everyone’s radar. However, as the voice and data networks continue to converge, there is a serious need to understand the technology, its attack vectors, and the means to protect company-sensitive information within this bleeding-edge technology.
In this chapter, we discuss the primary protocols utilized for VoIP: SIP, H.323, and RTP. Additionally, we have a brief introduction to forensics and how it can be utilized within the VoIP environment.
Protocols
At the heart of VoIP, there are several key components that are required as part of the call build-up and teardown. The first of these is the protocols. VoIP protocols can be broken down into two main areas, signaling and media session. Let’s take a look at these at a high level and discuss some of the various protocols.
Signaling
Signaling is utilized for the buildup and teardown of the call. From a very basic point of view, this is where we dial the party we wish to reach. There are two common signaling protocols utilized for VoIP: SIP and H.323. Let’s take a look at these two protocols.
SIP is one of the most commonly utilized signaling protocols within the market. SIP stands for Session Initiation Protocol. It is utilized for the creation, modification, and termination of calls within the VoIP environment. It is a client-server protocol, in that it uses a request-response format, as we will see later. The SIP Header is 32 bits and holds information such as version, source and destination address. Let’s look at a graphical representation of the header (Figure 1.1).
Figure 1.1 SIP header format.
Now that we have seen what the header looks like, let’s review the SIP Dataflow. First, the caller sends an invite to the SIP Proxy, which then relays the call, either to the SIP proxy of the party we are calling or directly to the called party. Then, if the caller is available, it sends a Ringing command back to the caller. Once the called party answers the call, an OK command is sent back to the caller. This is where the SIP protocol, for the time being, stops for the most part.
Once the caller or called party terminates the call, or hangs up, a BYE command is sent to the callers.
SIP is also utilized for registration of VoIP endpoints. The endpoint sends a REGISTER request to the registrar or SIP proxy. The registrar or SIP proxy then validates the endpoint’s credentials. If the credentials are correct, the device registers with the system. If it is not authorized or the credentials are incorrect, it sends back an UNAUTHORIZED, and the device is unable to connect. Below we have examples of this call
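As an added illustration (not code from the book), the following Python example parses a handful of constructed SIP messages, rebuilds the per-call signaling timeline described above, and flags REGISTER requests that carried credentials and were still answered with 401 Unauthorized. The host `pbx.example.test`, the extensions, and the Call-ID values are made-up sample data, and the helper names are hypothetical.

```python
from collections import defaultdict

def _msg(start, call_id, cseq, *extra):
    """Build one constructed SIP message with only the headers used here."""
    return "\r\n".join([start, f"Call-ID: {call_id}", f"CSeq: {cseq}", *extra, "", ""])

# Constructed sample traffic (hypothetical host and extensions, not a real capture).
CAPTURE = [
    _msg("REGISTER sip:pbx.example.test SIP/2.0", "reg-1", "1 REGISTER"),
    _msg("SIP/2.0 401 Unauthorized", "reg-1", "1 REGISTER"),
    _msg("REGISTER sip:pbx.example.test SIP/2.0", "reg-1", "2 REGISTER",
         'Authorization: Digest username="1001"'),
    _msg("SIP/2.0 401 Unauthorized", "reg-1", "2 REGISTER"),
    _msg("INVITE sip:1002@pbx.example.test SIP/2.0", "call-1", "1 INVITE"),
    _msg("SIP/2.0 180 Ringing", "call-1", "1 INVITE"),
    _msg("SIP/2.0 200 OK", "call-1", "1 INVITE"),
    _msg("BYE sip:1002@pbx.example.test SIP/2.0", "call-1", "2 BYE"),
    _msg("SIP/2.0 200 OK", "call-1", "2 BYE"),
]

def parse_sip(raw):
    """Split a SIP message into a label, a status code (responses only) and headers."""
    start, *lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    headers = {n.strip().lower(): v.strip() for n, _, v in (l.partition(":") for l in lines)}
    status = int(start.split()[1]) if start.startswith("SIP/2.0 ") else None
    label = start[8:] if status else start.split()[0]   # "401 Unauthorized" or "REGISTER"
    return {"label": label, "status": status, "headers": headers}

def call_timeline(capture):
    """Group messages by Call-ID, preserving capture order."""
    flows = defaultdict(list)
    for m in map(parse_sip, capture):
        flows[m["headers"]["call-id"]].append(m["label"])
    return dict(flows)

def rejected_registrations(capture):
    """Return (Call-ID, CSeq) of REGISTERs that sent credentials and still got 401."""
    # A 401 to a REGISTER without an Authorization header is the normal digest
    # challenge, so only requests that already carried credentials are counted.
    with_creds, hits = set(), []
    for m in map(parse_sip, capture):
        key = (m["headers"]["call-id"], m["headers"]["cseq"])
        if m["label"] == "REGISTER" and "authorization" in m["headers"]:
            with_creds.add(key)
        elif m["status"] == 401 and key in with_creds:
            hits.append(key)
    return hits
```

A run of rejected registrations from one source across many extensions is the pattern an analyst would look for when reviewing registrar traffic.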