Browsers, E-mail, & Web Apps forum

General discussion

What is a SIP Threat Management Device (STM)?

by vgrallo / June 12, 2015 12:13 AM PDT

You may be familiar with UTM – Unified Threat Management device, but have you come across an STM – SIP Threat Management device, that is used to protect the IP PBX and IP Phones/Telephony infrastructure from threats/attacks?

Here is a guest post by Martin Andre Strul of Allo.com, manufacturer of STM device, Analog/Digital Telephony cards, and Analog telephone adapters, VOIP gateways, PBX systems, IP Phones and more.

What is STM and how it can help you secure your VOIP infrastructure?

The STM – SIP Threat Management device, is installed in front of any SIP based PBX system or gateway and offers extra layers of security against numerous types of attacks that are targeted towards IP telephony infrastructure. The features offered by the STM complement those of a traditional firewall or UTM, and it can be installed in conjunction with a UTM.

Every year the number of PBX fraud victims increases dramatically. More and more companies are targeted by individuals who are looking to bring down or exploit the communications system. Some do it for fun and others for illicit profit, but the end result is always the same… The victim company goes through hell!

In this article, we will expose the numerous threats your unprotected IP telephony infrastructure faces and which are blocked by the STM.

Things to be considered

•The law is clear, you are the only responsible for the security of your phone system and any charges generated from it.
•You will pay on average 5,000$ USD to 80,000$ per attack to your carrier.
•Downtime of your whole system is very common.
•In some cases you will have to find a different carrier.

Overview of the most common attacks to PBXs today and how the STM handles them

1.SIP Device Fingerprinting: The hacker will try to identify which PBX software is running or which hardware you are using. Once he gets this info, he will look for their weaknesses and attack accordingly. The STM will simply not answer to such requests leaving the hacker in the dark.

2.User enumeration: The hacker will request the system to divulge the extension numbers. Once he gets this info, he can then start looking for the passwords. The STM will not give out this info.

3.Password Cracking Attempt: The hacker will try different user names and passwords in order to gain access to an extension or the admin panel of the PBX. The STM can be configured to block an IP if more than 10 trials are done within 10 minutes, for example.

4.PHREAKERs: These guys take advantage of your negligence and steal from you without really hacking anything… They just check the most common/default user names and passwords used and if they get lucky, it’s a bad day for the victim.

5.The Hardcore Scammer: Using scripts and special tools, these criminals know exactly what they are doing and have the knowledge to hack and exploit an unprotected phone system. The list of scams they can run is long but it can range from setting up an extension in your system and using it to sell cheap international calls, to more elaborate FAX back or CALL back scams where they use your system to call very expensive / minute phone numbers they control…

6.DoS/DDoS attacks: These are designed to flood your PBX with an exaggerated numbers of packets. Their goal is to bring down your communication system and render it unusable. The STM will dynamically block for a pre-determined period of time, the IP or IPs from which these attacks originate.

7.Cross Site Scripting attacks: These are amongst the most complex and hard to achieve. A script is injected in your PBX by the hacker and can program it to do all kind of malicious actions such as having all your extensions ring at once. The STM blocks off the intent and IP address (es) trying to do that.

Commercial message removed by moderator

Post was last edited on June 12, 2015 12:38 AM PDT

Discussion is locked
You are posting a reply to: What is a SIP Threat Management Device (STM)?
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: What is a SIP Threat Management Device (STM)?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?