By Nicholas Grant
Unified Communications Forensics: Anatomy of universal UC assaults is the 1st e-book to provide an explanation for the problems and vulnerabilities and reveal the assaults, forensic artifacts, and countermeasures required to set up a safe (UC) surroundings.
This publication is written through major UC specialists Nicholas supply and Joseph W. Shaw II and gives fabric by no means sooner than stumbled on out there, together with:
. research of forensic artifacts in universal UC assaults
. an in-depth examine confirmed UC applied sciences and assault exploits
. hands-on knowing of UC assault vectors and linked countermeasures
. spouse site http://secvoip.com giving readers entry to the main up to date details on UC attacks.
. presents key info for hackers and pen testers at the most present Unified Communications implementations.
. the single ebook to discover and show find out how to paintings with electronic artifacts from assaults in the UC setting.
. bargains with UC defense from a number of angles-less approximately thought and extra approximately hands-on chance safeguard and forensics.
Read Online or Download Unified Communications Forensics. Anatomy of Common UC Attacks PDF
Similar network security books
The SANS Institute keeps an inventory of the "Top 10 software program Vulnerabilities. on the present time, over half those vulnerabilities are exploitable through Buffer Overflow assaults, making this category of assault the most universal and most threatening weapon utilized by malicious attackers. this is often the 1st booklet particularly geared toward detecting, exploiting, and fighting the commonest and hazardous assaults.
This publication offers with computing device viruses envisaged from 3 assorted issues of view, particularly the theoretical basics of desktop virology, algorithmic and sensible elements of viruses and their strength purposes to numerous parts. The theoretical formalization by way of Turing machines, self-reproducing automata and recursive features allow an actual and exhaustive description of the different sorts of malware.
Utilizing key occasions to demonstrate significant matters, web and the legislation: expertise, Society, and Compromises explores such major felony battles as A&M files v. Napster and Apple laptop v. Franklin computing device, permitting readers a glance into tales of exchange secrets and techniques, track robbery, and commercial espionage.
This ebook describes tendencies in electronic mail scams and provides instruments and techniquesto determine such tendencies. It additionally describes automatic countermeasuresbased on an figuring out of the kind of persuasive equipment used byscammers. It reports either consumer-facing scams and company scams,describing in-depth case stories in terms of Craigslist scams and BusinessEmail Compromise Scams.
Additional info for Unified Communications Forensics. Anatomy of Common UC Attacks
DISA is a feature set that allows users to dial into the PBX and with or without a PIN (Personal Identification Number) is granted access to part or complete calling access to the PBX. This could include making outbound calls, 27 28 CHAPTER 3 Misconfiguration Begat Toll Fraud and Other VoIP Mischief accessing voicemail systems to check or leave messages, and any other access that might be available. While this may seem like a great feature for the road warrior, there are some issues that could arise from this.
Password/PIN Strength One of the above-mentioned protections is that PINs should follow, as closely as possible, corporate password policy. The key here is to make it hard to guess. While this may cause issues with some users that could forget their PIN, it is important to realize a short PIN could result in the compromise of the CEOs voicemail to allow fraudsters the ability to make calls anywhere your PBX allows calling for the standard user. In addition to PINs needing to follow corporate password policies, end-point passwords must follow these policies as well.
Additionally, these features should require administrator access to enable or disable them. It has been seen in some corporations that these features are disabled by default, and require senior level management approval for their use. Also, the VoIP administrator has to enable and configure the settings. This protects against call forwarding settings being changed willy-nilly to suit the needs of the fraudster or misuse by employees. 29 30 CHAPTER 3 Misconfiguration Begat Toll Fraud and Other VoIP Mischief Also, it is important that any inbound numbers that provide an outbound dial tone be strongly protected.