Security tools aim to lessen VoIP vulnerability

Researchers have released a set of tools to test the security of VoIP phone calls. The tools, which saw the light of day at the Black Hat security conference in Las Vegas, are aimed at protecting the security of VoIP networks.

A growing number of people are using the Internet to make phone calls these days, from their workstations or laptops or even their mobile phones. Like any other wired or wireless “public” entity, the VoIP environment is vulnerable to being hacked.

The security tools expose vulnerabilities that need to be explored and prevented. They can be used to attack a VoIP system, like flooding a phone will cause it to reboot. Such an attack is increasingly likely as more and more people use VoIP protocols for their phone and online conversations. One security tool even reassigns a phone altogether, so the current user can’t access his or her own device.

The main target of the security tools is the Session Initiation Protocol, or SIP. Many experts believe that SIP will be the lingua franca of VoIP in the not too distant future (and not Skype). As it stands now, VoIP providers routinely use their own proprietary systems. By anticipating SIP problems now, security experts can be ready when the protocol becomes widespread.