VoIP Security at RSA

On Tuesday at the RSA conference in San Jose, California, David Endler of Tipping Point, a 3Com company, said that underlying operating systems pose a bigger threat to VoIP systems than script kiddies. He said the means for criminal hackers to disrupt VoIP remains out of the hands of most script kiddies--for now. He cited Cisco Cal Manager as an example of a VoIP system that relies upon Windows 2000. Vulnerabilities within Windows 2000 could affect VoIP service, such as garbling voice communications. Endler noted that because of VoIP's dependence upon the operating system platform, viruses and worms currently do affect VoIP. Worms, such as Nimda, may slow your Internet browser, but they can cripple your VoIP system. He recommends keeping your VoIP system patched with the latest updates. More-sophisticated attacks, such as registration hacking, require inside access--at which point, he says, you have other problems to worry about.