Unified communications and its vulnerabilities

Unified communications is a revolutionary technology that integrates many worlds of communication at one place. The way unified communications has converged many services is something unprecedented. You can get all the great features of unified communication like instant messaging, video conferencing, data sharing, electronic whiteboards, and call controls etc through one service. Recent developments in the VoIP industry have made it possible to integrate VoIP with the unified communications. Key VoIP service providers like Packet 8, Axvoice, and Nextiva have already integrated unified communications in their phone services. One unique advantage of integrating unified communications is that you can access them through different devices. A key benefit of unified communications is that the end-user can respond to any type of incoming communication within no time. You will also be able to view one type of communication on a different type of device originally received on another device in a different data format.

Vulnerabilities of Unified Communications

Unified communications are vulnerable to different types of attacks. Let us review these threats which can exploit the weakness of unified communications.

Denial of Service Attack

This is one of the most commonly used ways of attacking unified communications. The attacker can use different attacking techniques to target the end user or even the servers involved in carrying out the whole process. The attacker usually uses SIP messages for the denial of service attack. The attacker waits for an incoming call to a phone user. Once the INVITE has been received by the end user, the attacker immediately sends the cancellation request. Resultantly, an error is generated by the invitee’s device and the call is ended. The main purpose of this attack is usually to disrupt the service. If the end user receives these kinds of calls repeatedly, the unified communication environment can direct the calls to other routes like email, voicemail, message store etc. The other dangerous type of denial of service attack occurs when the dialog is initiated between the two users. The end result is the BYE attack in which the call ends before it starts. This attack is also geared towards disruption of the service.

These both kinds of denial of service attacks can be overcome by a well designed SIP device. An intelligently built SIP device should be able to recognize if a CANCEL or BYE request is initiated by the end user or not. In the same way a private network directed through the UCS is not normally vulnerable to this kind of attack.

Eavesdropping

One of the key features of unified communications is that the end user can send the other user a RE-INVITE in the middle of a conversation for changing the type of communication. This RE-INVITE could also mean change in the location of the conversation. In this change of location, during the RE-INVITE, the attacker many invite someone else to join the conversation as well. The best way for the end user to shield himself from this kind of attacks is to only accept these kinds of invitations from the user who he really trusts. End user is strictly prohibited to send extremely confidential information like credit card number, passport number and other personally identifiable information unless very sure about the intent of the user at the other end.

Message hijacking

This is one other dangerous attack on the end-user. In this particular type of attack all the messages that are sent to the attack are re-sent to some undesirable user or users. The messages may contain very important information like meeting dates, critical document drafts, or other sensitive data. Only share this kind of information through secured means and only with known trusted users at the other end.

Prevention measures

Usually advanced unified communication systems implement a proper authentication system before enabling end to end communication. There needs to be a secure connection between the client and the server by matching the exact security protocols supported by each one of them. Encryption of the communications is one way of ensuring the security of the data travelling between two mediums. Secondly, all devices that are requesting authentication with the unified communication systems first need to be properly and clearly identified before any such permission is granted. A SIP aware firewall installed can also be deployed which can evaluate the SIP headers to ensure their compliance with RFC. Lastly standard techniques should be deployed to protect email servers, voicemail servers, and gateways which are critical to the unified communication environment security.


This was a guest contributed article. Create a FREE account to submit your article today.
Author: Robert Showerma

Setting up Microsoft Windows 2008 R2 Server for ShoreTel

ShoreTel currently runs on Microsoft Servers.   There are a number of Windows components that need to be installed to support the deployment.  If you have been installing ShoreTel for any period of time you already know that  FTP and SMTP services  along with Microsoft Windows ASP.NET, IIS and certain of its components are also required including Active Server Pages and Server Side Includes.  I also recommend that you get HyperTerminal, or better Putty to support SSL connections to ShoreTel switches loaded on your HQ server.    I find SQLyog to be an effective trouble shooting tool, so I also get that on the HQ desktop.  Having Adobe available will enable you to read the online documentation that ShoreTel provides.    If you are new to Microsoft 2008 servers the process for loading Windows Components is a bit different, so this silent video clip will walk you through the process.