Computing Reviews
Hacking exposed VoIP : voice over IP security secrets & solutions
Endler D., Collier M., McGraw-Hill Osborne Media, 2006. 539 pp. Type: Book (9780072263640)
Date Reviewed: Jul 4 2007

This book is devoted to cracking voice over Internet protocol (VoIP) systems. It will be most relevant to practitioners in the field of building VoIP systems since it documents the known vulnerabilities in the VoIP offerings of several vendors (as well as open-source VoIP platforms) and suggests guidelines on how to counter these and related vulnerabilities. The book can also be used as supplementary material in an advanced undergraduate or a graduate course on VoIP security as a case study on how not to design user interfaces that are susceptible to attacks (one VoIP phone vendor allows anyone with access to the administrative Web interface of the phone to capture all traffic on the network) and how to make VoIP servers robust against attacks.

An additional benefit of this book is the number of tools that are freely available for VoIP hacking. There are tools for password guessing, real-time protocol (RTP) mixing, and everything in between. It would have been convenient to have a table that listed each tool, what it does, and where to download it.

The book is organized into five parts. Part 1 contains the normal cracking cycle: reconnaissance, attack, and takeover. The signaling protocol of choice for attacks is session initiation protocol (SIP). Endler and Collier outline their SIP network and provide a brief introduction to the signaling protocol, as well as to RTP, the media protocol. Endler and Collier demonstrate information gathering, host scanning, and enumerating techniques. The host-scanning techniques based on nmap are included, although Endler and Collier omit the most obvious strategy: Web-based scanning. Most SIP phones and some SIP servers are configurable through a Web server. Thus, the easiest method of gathering information is to access the Web server and see what damage can be done.

Another aspect I found a little puzzling in this section was the use of enumeration techniques to gather a list of registered users at a SIP server. In SIP, an insidious side effect of gathering this information is that an attacker has instant knowledge of the IP address where the user can be reached. Thus, severe attacks can be mounted after, or even during, the enumeration phase.

Part 2 contains four chapters that describe attacks on various components of the VoIP infrastructure: dynamic host configuration protocol (DHCP) server resource exhaustion; flooding attacks and packet fragmentation attacks; domain name system cache poisoning; and RTP stream attacks, including recording an RTP stream, injecting malicious packets in an RTP stream, and replacing packets in an audio stream.

Part 3 focuses on three specific VoIP platforms (two commercial and one open source). For each platform, reconnaissance techniques are presented, as are exploits specific to each platform.

The theme of Part 4 is VoIP session and application hacking using techniques ranging from buffer overflow to signaling and media manipulation. Two open-source SIP servers—Asterisk and SER—are subjected to various flooding attacks to observe their behavior. The flooding attacks resulted in the SIP servers running out of memory or having too many open files (resource exhaustion). For many of the flooding attacks, the authors state two countermeasures: using a persistent transmission control protocol (TCP) connection and using transport layer security (TLS). Neither of these is perfect, although use of TLS is much better than TCP. With a persistent TCP connection, there is a chance of session hijacking as the client cannot authenticate the server. TLS, in SIP, suffers from the hop-by-hop encryption model; every intermediary server is privy to the clear-text signaling, resulting in a loss of privacy. Thus, neither of these two countermeasures is really effective.

Part 5 looks at emerging threats in the form of spam over Internet telephony and VoIP phishing. The book only scratches the surface of these new threats.

In summary, the book is most relevant to network administrators and system designers who want to know the threat model of a VoIP service. Some attacks, such as the SIP forking attack (where a pair of SIP servers that do not detect looped requests simply ping-pong requests between themselves until they run out of resources), are not discussed at all; other issues—like the security properties of keying a secure RTP (SRTP) media stream in SIP, or SRTP-specific attacks—are not mentioned either. As a window into the state of VoIP security, this is an indispensable book.

Reviewer:  Vijay Gurbani Review #: CR134502 (0806-0526)
Applications (SMTP, FTP, etc.) (C.2.2 ... )
Internet (C.2.5 ... )
Security and Protection (C.2.0 ... )
General (C.2.0 )
Internetworking (C.2.6 )
Local and Wide-Area Networks (C.2.5 )

Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®