-
/
VoIP/IP telephony in Estonia… disrupted by botnets?
Continue Reading: VoIP/IP telephony in Estonia… disrupted by botnets?With my post earlier this month about the possibility of SIP botnets, I’ve had a number of people asking about more information and wondering about the possible impacts. And while I will write more on botnets in general, as far as the potential impact of “botnets” in general, one need only look over at the current situation in Estonia:
- Washington Post: “Cyber Assaults on Estonia Typify a New Battle Tactic“
- CNN: “Estonia suspects Kremlin in Web attacks“
- BBC: “Estonia hit by ‘Moscow cyber war’“
Now, perhaps Russia is behind the attack… perhaps not. There are obviously much larger political issues going on between the two states. In the end it doesn’t really matter on one level who exactly is behind it… the net of it is that Estonian entities are being attacked in a massive Distributed DoS (DDoS) brought about in part by botnets. For anyone doubting the potential threat, you need only to read through those news articles to understand what can happen.
In fact, I found it interesting that the UK’s Centre for the Protection of National Infrastructure (CPNI) issued an advisory today about the DDoS attacks against Estonia, mostly to reassure people in the UK that…
-
/
Heading out to Arizona for US DoD/JITC conference on telecommunications
Continue Reading: Heading out to Arizona for US DoD/JITC conference on telecommunicationsIn a few short hours, I will be catching a plane heading out to Fort Huachuca, Arizona, to swim in an alphabet soup of very different acronyms and jargon than my normal work – the “OSD-Sponsored, JITC-Hosted DOD Telecommunications Services Information Conference“. As noted on the page:
The purpose of the conference is to provide an open forum where DOD and vendor representatives can discuss issues related to interoperability of systems providing DOD Telecommunications Switched Services.
The conference will present the current program and discuss ongoing developments to the interoperability certification and information assurance procedures and test documentation. Other topics for discussion include emerging technologies, standards and their integration into the systems providing DOD Telecommunications Services.
I attended last year as well and it’s definitely an interesting experience. The US DoD is really doing some intriguing things with how they make use of VoIP / IP Telephony. Obviously security is rather important. They are also driving IPv6 adoption into their infrastructure and so, with the June 2008 mandate only a year away, it will be quite interesting to hear where they are with regard to IPv6 adoption. Obviously, their huge size and buying power is of strong…
-
/
Getting ready for VoIP "botnets" that attack SIP systems…
Continue Reading: Getting ready for VoIP "botnets" that attack SIP systems…Over on the Voice of VOIPSA weblog, I just posted “Ready or not… here come the IRC-controlled SIP/VoIP attack bots!” Given the sheer number of VoIP security tools out there, I think I and most others involved with VOIPSA figured it was only a matter of time before someone automated the attacks. Did I hope that the creation of “bots” could have held off for a bit longer? Definitely… but we have to play with the cards we are dealt.
I tried in the article not to hype the threat… that we are aware of, there are not massive botnets out there waiting to attack VoIP systems. But there is now a proof-of-concept “bot” out there and those of us dealing with VoIP security have to look at how that could impact us.
And it’s definitely a sign that we as an industry really have to get security locked down on SIP systems!
Technorati tags: voip, voip security, security, voipsa, botnets, SIP, bots, SIP security -
/
Cute move – Skype and Intel team up for Mother’s Day "Global Free Calling Day" (if you are in the US or Canada)
Continue Reading: Cute move – Skype and Intel team up for Mother’s Day "Global Free Calling Day" (if you are in the US or Canada)I do have to hand it to the Skype marketing folks… it’s certainly a cute move on their part to offer Skype users in the US and Canada a full day of free calls to landlines and cell phones around the world. With Mother’s Day being one of the highest days of phone usage, it’s a natural day to pick for a gimmick.
There are limits, though, and the terms and conditions were interesting to read. I’m not sure how to read #9 where users are limited to 200 minutes per call:
Skype asks that you enjoy this offer fairly and sensibly, for your personal and non-commercial purposes. Calls are limited to 200 minutes per computer during the offer period. If you make excessive, systematic or intentional misuse of the offer, Skype reserves the right to terminate your access to your account immediately.
So is that 200 minutes, total? Or is that per call? i.e., if you’ve been talking to someone for over 3 hours on the same call you have to hang up and initiate a new call? Either way, it’s a good amount of time to spend on the “phone”.
I also enjoyed this part:
Skype reminds users…
-
/
Skype Journal: 26 Wishlist Items for Enterprise Skype
Continue Reading: Skype Journal: 26 Wishlist Items for Enterprise SkypeOver on Skype Journal, Phil Wolff has posted his “26 Wishlist Items for Enterprise Skype“, which makes for interesting reading. Basically his list of what Skype needs to work in the enterprise. It’s a good list with many good ideas for VoIP in general, not just Skype. The list isn’t prioritized but my 2 cents would be that the #1 thing Skype needs is the network edge proxy server that Phil mentions… some kind of choke point that IT Security managers can use to monitor/block/allow/deny Skype access. The reality is that I think most IT security folks just plain don’t trust Skype.
What do you think of the list?
P.S. Phil also has previously come up with the very cool image/logo to the right that I think all of us VoIP bloggers who write about Skype Enterprise really must use. And if you don’t understand the significance of the logo or the play on words, well, your geek credentials are seriously in doubt. (Hint)
Technorati tags: skype, skypeforenterprise, skypejournal, voip -
/
Skype, PR, trademarks and blogs using Skype’s name in their domain
Continue Reading: Skype, PR, trademarks and blogs using Skype’s name in their domainThose of you with an interest in Skype may wish to read my post over on Disruptive Conversations about VoIP blogger Jan Geirnaert ceasing the use of his skype-watch.com and skype-gadgets.com domains for his blog. I’ve included there links from a number of the other VoIP bloggers who have covered this issue in more detail.
Technorati tags: skype, pr -
/
Skype provides more detail about the Call Transfer API
Continue Reading: Skype provides more detail about the Call Transfer APILast week Skype came out with a Developer Program newsletter that provided a bit more insight into the Call Transfer capability now available in the recently released Mac version 2.6. In the full version of the article, Skype technical project manager Morné van Dalen answers some questions about what the Call Transfer API is all about. It’s interesting to see the discussion here of Group transfer, specifically in this list:
- Skype to Skype (P2P)
- Skype to SkypeOut (P2P to SipOut)
- SkypeIn to Skype (SipIn to P2P)
- SkypeIn to SkypeOut (SipIn to SipOut)
- Skype to Group
- SkypeIn to Group
It’s quite curious, though, that transfer to SkypeIn and SkypeOut will only be available to Skype Pro customers, which of course is not available in North America! Seems a rather puzzling disconnect.
Anyway, it will continue to be interesting to watch these capabilities evolve…
Technorati tags: skype, voip, call transfer -
/
Mitel announces $723 million agreement to buy Inter-Tel
Continue Reading: Mitel announces $723 million agreement to buy Inter-TelYesterday after the close of the market, my employer, Mitel, announced an agreement to acquire Inter-Tel. There’s not much I can say beyond what’s in the news release… but I can say that I am quite excited by the news!
Technorati tags: mitel, inter-tel, telcommunications, voip -
/
Light blogging ahead for the remainder of the week…
Continue Reading: Light blogging ahead for the remainder of the week…It’s a school vacation week here in my part of the USA and I’m planning to be offline for the remainder of the week. Getting outside with my family… going on some day trips, doing some landscaping and otherwise enjoying the beautiful weather we are having right now. I expect to be back posting here on Monday, April 30th. See you then.
-
/
Blue Box Podcast #56 posted, beginning a series of VoIP security tutorials
Continue Reading: Blue Box Podcast #56 posted, beginning a series of VoIP security tutorialsI posted Blue Box Podcast #56 tonight and with it Jonathan and I are beginning a series of mini-tutorials on subjects related to VoIP security. In this show, we talked about voice encryption. In the next show (already recorded) we will talk about signaling encryption. The idea is to cover some basic ground so that people not familiar with the area can have a basic understanding.
Just glad to get that one up – tomorrow I’m going to work on #57 to see if I can get it online for Wednesday. We’re trying hard to get back on a weekly schedule. (#56 was intended to go up last week.)
Technorati tags: bluebox, voip security, voipsa, blue box, voip, security
Disruptive Telephony
Dan York on how Voice over IP is rewriting (almost) everything you thought you understood about telephony…