Sunday, 8 September 2013

Practical VoIP Security


Voice Over IP (VoIP) phone lines now represent over 50% of all new phone line installations. Every one of these new VoIP phone lines and handsets must now be protected from malicious hackers because these devices now reside on the network and are accessible from the Internet just like any server or workstation.

This book will cover a wide variety of the publicly available exploit tools and how they can be used specifically against VoIP (Voice over IP) Telephony systems. The book will cover the attack methodologies that are used against the SIP and H.323 protocols as well as VoIP network infrastructure. Significant emphasis will be placed on both attack and defense techniques. This book is designed to be very hands on and scenario intensive.

  • More VoIP phone lines are being installed every day than traditional PBX phone lines
  • VoIP is vulnerable to the same range of attacks as any network device
  • VoIP phones can receive as many Spam voice mails as your e-mail can receive Spam e-mails, and as a result must have the same types of anti-spam capabilities

Contents
1. Introduction
2. Architectures
3. Hardware
4. Protocols
5. Support Protocols
6. Protocol Security
7. Threats
8. Solutions Overview
9. Reuse Existing Security Infrastructure Wisely
10. Confirm User Identity
11. Active Security Monitoring
12. Logical Segregation
13. Encryption
14. A Note on Regulatory Compliance
15. Recommendations
16. Appendix

A: Access List Guidelines

Thomas Porter, Jan Kanclirz Jr., “Practical VoIP Security”
2006 | pages: 592 | ISBN: 1597490601 | PDF | 9,7 mb

Download : Practical VoIP Security

Saturday, 7 September 2013

Fix msfupdate Problem


Error : Could not find pg-0.15.0 in any of the sources. Run `bundle install` to install missing gems

This error possibly occurred because, while I was running the msfupdate command, it showed me an error in some pg-0.15.1 package installation.

Solution
  • Go to this path (for 64-bit BackTrack 5 R3) - root@bt: cd /opt/metasploit/ruby/lib/ruby/1.9.1/x86_64-linux/
  • Edit the file rbconfig.rb
  • Search for this line - CONFIG["LIBRUBYARG_STATIC"] = "-Wl,-R -Wl,$(libdir) -L$(libdir) -l$(RUBY_SO_NAME)-static" and remove this part: -l$(RUBY_SO_NAME)-static
  • Save
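
The same edit in scripted form, as an added example that is not part of the original post: it backs up rbconfig.rb, removes the flag only from the LIBRUBYARG_STATIC line, and is safe to run twice. The function names, the .orig backup suffix and the sample file contents are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. strip_static_arg and make_sample
# are hypothetical helper names; the .orig backup suffix is an assumption.

# Path given in the post (64-bit BackTrack 5 R3).
RBCONFIG=/opt/metasploit/ruby/lib/ruby/1.9.1/x86_64-linux/rbconfig.rb
KEY='CONFIG["LIBRUBYARG_STATIC"]'   # literal key of the line to edit
FLAG='-l$(RUBY_SO_NAME)-static'     # literal text the post says to remove

# Returns 0 if patched, 1 if there is nothing to remove, 2 on error.
strip_static_arg() {
    file=${1:-$RBCONFIG}
    [ -f "$file" ] || { echo "not found: $file" >&2; return 2; }
    # Idempotent: skip when the flag is absent from the target line.
    if ! grep -F "$KEY" "$file" | grep -qF -- "$FLAG"; then
        echo "nothing to remove in $file" >&2
        return 1
    fi
    # Keep the first pristine copy so the edit can be reverted.
    [ -e "$file.orig" ] || cp -p "$file" "$file.orig" || return 2
    # Edit only the LIBRUBYARG_STATIC line; every other line stays untouched.
    sed '/CONFIG\["LIBRUBYARG_STATIC"]/s/ *-l\$(RUBY_SO_NAME)-static//' \
        "$file" > "$file.tmp" || return 2
    # Write back through cat so the file keeps its owner and mode.
    cat "$file.tmp" > "$file" && rm -f "$file.tmp" || return 2
    # Verify the flag is gone from the target line.
    grep -F "$KEY" "$file" | grep -qF -- "$FLAG" && return 2
    return 0
}

# Constructed sample (not a real rbconfig.rb) for trying the function safely.
make_sample() {
    f=$(mktemp) || return 2
    cat > "$f" <<'EOF'
  CONFIG["RUBY_SO_NAME"] = "ruby"
  CONFIG["LIBRUBYARG_STATIC"] = "-Wl,-R -Wl,$(libdir) -L$(libdir) -l$(RUBY_SO_NAME)-static"
  CONFIG["LIBRUBYARG"] = "$(LIBRUBYARG_STATIC)"
EOF
    echo "$f"
}

# Usage: strip_static_arg                  (edits the path from the post)
#        strip_static_arg "$(make_sample)" (dry run on the constructed sample)
```

To revert, copy rbconfig.rb.orig back over rbconfig.rb.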

Saturday, 31 August 2013

Linux Malware Incident Response


Linux Malware Incident Response: A Practitioner's Guide to Forensic Collection and Examination of Volatile Data: An Excerpt from Malware Forensic Field Guide for Linux Systems

Book Details:

Pages: 134 
Publisher: Syngress (March 2013)
Language: English
ISBN-10: 0124095070
ISBN-13: 978-0124095076
Format: PDF, EPUB

Book Description:

Linux Malware Incident Response is a first look at the Malware Forensics Field Guide for Linux Systems, exhibiting the first steps in investigating Linux-based incidents. The Syngress Digital Forensics Field Guides series includes companions for any digital and computer forensic investigator and analyst. Each book is a toolkit with checklists for specific tasks, case studies of difficult situations, and expert analyst tips. This compendium of tools for computer forensics analysts and investigators is presented in a succinct outline format with cross-references to supplemental appendices. It is designed to provide the digital investigator clear and concise guidance in an easily accessible format for responding to an incident or conducting analysis in a lab.

  • Presented in a succinct outline format with cross-references to included supplemental components and appendices
  • Covers volatile data collection methodology as well as non-volatile data collection from a live Linux system
  • Addresses malware artifact discovery and extraction from a live Linux system

Table of Contents
Chapter 1. Linux Malware Incident Response

Appendix A. Linux Field Guide Tool Box
Appendix B. Selected Readings
Appendix C. Interview Questions
Appendix D. Pitfalls to Avoid
Appendix E. Live Response Field Notes

Download : Linux Malware Incident Response

Friday, 30 August 2013

MASTERING WINDOWS NETWORK FORENSICS AND INVESTIGATION, 2ND EDITION


An authoritative guide to investigating high-technology crimes. Internet crime is seemingly ever on the rise, making the need for a comprehensive resource on how to investigate these crimes even more dire. This professional-level book--aimed at law enforcement personnel, prosecutors, and corporate investigators--provides you with the training you need in order to acquire the sophisticated skills and software solutions to stay one step ahead of computer criminals.


  • Specifies the techniques needed to investigate, analyze, and document a criminal act on a Windows computer or network
  • Places a special emphasis on how to thoroughly investigate criminal activity and not just perform the initial response
  • Walks you through ways to present technically complicated material in simple terms that will hold up in court
  • Features content fully updated for Windows Server 2008 R2 and Windows 7
  • Covers the emerging field of Windows Mobile forensics

Also included is a classroom support package to ensure academic adoption. Mastering Windows Network Forensics and Investigation, 2nd Edition offers help for investigating high-technology crimes.

About the Author
Steve Anson, CISSP, EnCE, is the cofounder of Forward Discovery. He has previously served as a police officer, FBI High Tech Crimes Task Force agent, Special Agent with the U.S. DoD, and an instructor with the U.S. State Department Antiterrorism Assistance Program (ATA). He has trained hundreds of law enforcement officers around the world in techniques of digital forensics and investigation.

Steve Bunting, EnCE, CCFT, has over 35 years of experience in law enforcement, and his background in computer forensics is extensive. He has conducted computer forensic examinations for numerous local, state, and federal agencies on a variety of cases, as well as testified in court as a computer forensics expert. He has taught computer forensics courses for Guidance Software and is currently a Senior Forensic Consultant with Forward Discovery.

Ryan Johnson, DFCP, CFCE, EnCE, SCERS, is a Senior Forensic Consultant with Forward Discovery. He was a digital forensics examiner for the Durham, NC, police and a Media Exploitation Analyst with the U.S. Army. He is an instructor and developer with the ATA.

Scott Pearson has trained law enforcement entities, military personnel, and network/system administrators in more than 20 countries for the ATA. He is also a certifying Instructor on the Cellebrite UFED Logical and Physical Analyzer Mobile Device Forensics tool and has served as an instructor for the DoD Computer Investigations Training Academy.

Product Details
Paperback: 696 pages
Publisher: Sybex; 2 edition (June 26, 2012)
Language: English
ISBN-10: 1118163826
ISBN-13: 978-1118163825

Download Link : MASTERING WINDOWS NETWORK FORENSICS AND INVESTIGATION, 2ND EDITION