Re: IPS to protect against VOIP Attacks



I know that NETASQ UTM have VoIP "Plugins" (Protocol decoder for IPS
ASQ) for SIP, MGCP, RTP, etc. analysis.

They can block (un)known attacks with protocol compliance verifications.

I had a white paper about VoIP security provided by NETASQ, but it's
in French only :(
Don't hesitate if you need it or some information about NETASQ IPS.
-------------------------------------------------------------------


On Wed, Jan 6, 2010 at 04:19, aditya mukadam <aditya.mukadam@xxxxxxxxx> wrote:

We have had good experience with Tipping Point IPS. Please check
http://www.tippingpoint.com/pdf/resources/datasheets/400920-001_VoIPSecurity.pdf

Hope this helps
Aditya Govind Mukadam


On Tue, Jan 5, 2010 at 11:36 PM, Shawn Merdinger <shawnmer@xxxxxxxxx> wrote:
Hi Juan,

You might consider asking folks on the VOIPSA mailing list as well;
I'm sure you'll get all kinds of opinions, quite likely something
useful ;-)

www.voipsa.org

Cheers,
--scm


2010/1/2 juan babi <juan_babi@xxxxxxxxxxx>:
I was wondering which is the best (or at least-good) IPS
against VOIP attacks coming from the internet to the client network. he has an Asterisk
n the DMZ and cisco call manager in the lan. I want to protect the voip
components with an IPS against known attacks and DOS-DDOS attacks as well.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



Relevant Pages

  • RE: False Positives with IntruVert
    ... Subject: False Positives with IntruVert ... a different statement than IPS is not functional or not worth time or money. ... prevent attacks, ... profiled the attacks (signature or anomaly or combination of both)) has ...
    (Focus-IDS)
  • Re: IPS/IDS behavior with ISIC/UDPSIC/TCPSIC/ICMPSIC traffic
    ... considered as an attack that need to be protected by IPS devices? ... ISIC generates many packets with different IP protocols. ... If you still see 100% CPU problem, you may like to check you log settings. ... with real-world attacks from CORE IMPACT. ...
    (Focus-IDS)
  • RE: False Positives with IntruVert
    ... right on defense for IPS that I have seen. ... Subject: False Positives with IntruVert ... There are clearly attacks that will 100% not false positive. ...
    (Focus-IDS)
  • RE: icsa ips testing vulnerability set
    ... The vulnerabilities listed are outdated, ... typical network pipe. ... then the IPS in question has the relevant engines in place necessary to ... You are thinking of a coverage test, meaning "let's see how many attacks ...
    (Focus-IDS)
  • Re: IPS/IDS behavior with ISIC/UDPSIC/TCPSIC/ICMPSIC traffic
    ... I am not aware of whether NSS has or not the DDOS attacks in its list, ... Rate of traffic (earlier i worked with Intoto IPS and it has this type ... Why is this not considered in NSS testing criteria? ... ISIC generates many packets with different IP protocols. ...
    (Focus-IDS)