Synopsis: Blue Box #60: new VoIP security offerings from CheckPoint, VoIPShield, VoIP and business continuity, CALEA, new VoIP Security book, NAC mini-tutorial, more on botnets, listener comments and more
Welcome to Blue Box: The VoIP Security Podcast #60, a 28-minute podcast from Dan York and Jonathan Zar covering VoIP security news, comments and opinions.
Download the show here (MP3) or subscribe to the RSS feed to download the show automatically.
You may also listen to this podcast right now:
Show Content:
- 00:20 - Intro to the show, contact information and how to provide comments. Welcome to all the new listeners - and to all those listeners who have been here for so long!
- 01:15 - Programming notes
- Martyn Davies will be moderating a panel on VoIP security at VON Europe that will include Dan and others
- Blue Box dinner at the June VON show on Monday, June 11th
- We’ve recently set up a group on the Facebook social networking site for fans of the show. If you are a Facebook user, feel free to join.
- 02:28 - ComputerWeekly.com: Check Point promises more VoIP security, fewer slowdowns
- 03:35 - VoIPShield Security Suite Debuts…
- 05:21 - PC World: Attackers Get Chatty on VoIP
- 06:37 - Skype Journal: UK: Paedophiles use Skype to find and pursue likely targets
- 07:42 - TMC.net: VoIP Helps Increase Business Continuity Awareness
- 10:10 - VoIPNews: VoIP Providers Hold Their Breath as CALEA Deadline Passes
- 12:15 - New book coming out in August: Securing VoIP Networks: Threats, Vulnerabilities and Countermeasures by Peter Thermos and Ari Takanen
- 13:38 - Voice of VOIPSA: Security: A Question of Balance
- 14:23 - Voice of VOIPSA: Google Launches Security Blog
- 14:54 - Follow-up on the Estonian botnet issue – it apparently wasn’t Russia but instead was botnet groups and Cyberattack in Estonia—what it really means
- 15:48 - SPIT Framework Internet-Draft - stay tuned for a URL
- 16:43 - News Releases:
- 16:54 - Feature - mini-tutorial on NAC
- 20:17 - Upcoming shows:
- Dustin Trammell will be speaking at Defcon 15 about VoIP and steganography
- Ken Camp will be moderating two panels on VoIP Security at IT Expo
- June 12-14, Stockholm, Sweden, VON Europe Spring – both Martyn and I will be there… we’ll have a Blue Box dinner
- July 22-27, Chicago, USA IETF 69
- Aug 20-23, San Francisco, CA, USA VoiceCon SF 2007
- Sept 10-12, Los Angeles, CA, USA ITEXPO West 2007
- Oct 29-Nov 1, Boston, USA, Fall 2007 VON
- 21:32 - comment (email) from Rhodri Davies about SIP botnets
- 23:55 - comment (email) about analog surveillance
- 25:09 - comment (blog) from Security4All
- 25:22 - comment (blog) from Ludovic Petit that he can’t see the PDF files
- 25:44 - comment (facebook) from Reuven
- 26:31 - Review of the last week's traffic on the VOIPSEC public mailing list
- 27:29 - Wrap-up of the show
- 28:35 - End of show
Comments, suggestions and feedback are welcome either as replies to this post or via e-mail to [email protected]. Audio comments sent as attached MP3 files are definitely welcome and will be played in future shows. You may also call the listener comment line at either +1-206-350-2583 or via SIP to '[email protected]' to leave a comment there.
Thank you for listening and please do let us know what you think of the show.
About SIP botnets, there was a presentation on the next generation of Botnets on Blackhat Europe 2007 (amongst others).
Paper: https://www.blackhat.com/presentations/bh-europe-07/Fucs-Paes-de-Barros-Pereira/Whitepaper/bh-eu-07-barros-WP.pdf
They talk about using the Skype API and thus this medium as a covert communication channel, considering Skype features encryption and firewall bypassing techniques.
I also looked over at the presentations from Hotbots but I couldn't find anything SIP related. (http://www.usenix.org/events/hotbots07/tech/)
Best Regards,
Benny Ketelslegers aka Security4ll (my blog)
Posted by: Security4all | June 20, 2007 at 04:42 PM