General information
Code: VS
Duration: 3 days
Present: 10 Maximum
Price: 1880 HT
Public concerned
- Consultants in safety
- Engineers/Technicians
- Administration network
Prérequis
- Administration network
- TCP/IP
Means
- Support of course
- 80% of practical exercises
- 1 PC by anybody
- Environment network of test and equipment of test
- 1 PC by anybody
- CD of tools
Objectives
- To manage a VoIP network in a protected way
- To include/understand and detect the
vulnerabilities on a VoIP network and the associated elements
- To use and configure elements Cisco
- To make safe the communications between users
|
Description
This course is a detailed presentation of the
analysis and implementation of the safety of the infrastructures of
Voice on IP. The stress is laid on the study of the protocols
(H.323, SIP, IAX...) and of the architecture of a VoIP network, then
on the analysis of the material vulnerabilities networks and being
able to make it possible to take its control or of espionner the
communications.
Are then detailed the implementations of techniques of
hardening of safety on the level of the communications
(authentification, encoding, integrity...) and on the level of the
hardware and software systems used.
A great part of the demonstrations and tests are carried
out on technologies and equipment Cisco© (telephones Cisco© and waiter Cisco Call Manager in particular) to
facilitate the catch in hand, by the participants, of this current
environment.
This formation is particularly intended to the consultants
who wish to be able to carry out advanced technical tests at the time
of their audits on this type of material, like with the administrators
eager to analyze the safety of their applications and services of
VoIP.
|
Day 1
- Introduction
- The convergence of telecommunications
- What VoIP
- Financial costs to envisage
- Actors of the markets
- Structure of a VoIP network
- Hardware phons
- Softphones
- VoIP Footbridges
- Proxys SIP
- VoIP Protocol
- Protocols of initiation of connection
- H.323, SIP, IAX
- Protocols of transport
- RTP, RTCP
|
Day 2
- VoIP Attacks
- Spoofing
- Spoofing MAC, SIP
- Refusals of services
- TCP Reset Attack, Flood SIP, SPIT
- Interception of the communications
- Listen to physical line, Man in the middle
- Takeover of a proxy SIP
- Attacks on the protocols and services secondary
- DNS, DHCP, TFTP, HTTP
- Attacks of the softphones
Day 3
- VoIP security
- Security of architecture
- Use of the protected protocols
- Hardening of applicative safety
- Limits of safety
|
