CHAPTER 2 – Insecure Endpoints

Publisher Summary

This chapter presents a number of common attacks against unified communications (UC) endpoints with some specific examples. First, there are some very simple, rudimentary attacks that may also be very effective at knocking UC endpoints off the network. A very basic attack is to simply flood a network with an extremely high volume of packets. This may cause performance of the UC endpoints to degrade significantly. One of the simplest attacks is to write a short script that sends the Session Initiation Protocol (SIP) command BYE to every IP address in a range. Beyond the really basic attacks, an attacker needs to find UC endpoints that can be attacked, identify what those endpoints are, and then proceed to attack those endpoints. One of the ways for an attacker to identify target UC endpoints is to simply do a Google search on certain unique phrases that appear in URLs associated with the administration interface for the endpoint. Default passwords continue to be probably the single biggest problem with UC endpoints, particularly for hardware endpoints such as IP phones. One reason for this is the desire by IP phone vendors to make it as easy as possible for large companies to rapidly configure and deploy large numbers of IP phones.
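The BYE sweep mentioned in the summary stands out in captured SIP traffic, because a BYE is only meaningful inside a dialog that an earlier INVITE set up. The following Python detection example is added here and is not from the book; the function name, the threshold, the record format and the sample messages are all constructed for illustration.

```python
import re
from collections import defaultdict

REQUEST_LINE = re.compile(r"([A-Z]+) \S+ SIP/2\.0$")
# "i" is the compact header form of Call-ID (RFC 3261).
CALL_ID = re.compile(r"^(?:Call-ID|i)[ \t]*:[ \t]*(\S+)", re.I | re.M)

def _msg(method, user, host, call_id):
    """Build a minimal constructed SIP request for the sample capture."""
    return f"{method} sip:{user}@{host} SIP/2.0\r\nCall-ID: {call_id}\r\n\r\n"

# Constructed sample capture: (source IP, destination IP, SIP message).
SAMPLE = [
    ("10.0.0.5", "10.0.0.20", _msg("INVITE", "200", "10.0.0.20", "a1@10.0.0.5")),
    ("10.0.0.5", "10.0.0.20", _msg("BYE", "200", "10.0.0.20", "a1@10.0.0.5")),
    # Call set up before the capture started: one orphan BYE, not a sweep.
    ("10.0.0.7", "10.0.0.21", _msg("BYE", "201", "10.0.0.21", "old@10.0.0.7")),
] + [
    # One source sending BYE to consecutive addresses with no prior INVITE.
    ("10.0.0.99", f"10.0.0.{n}", _msg("BYE", "x", f"10.0.0.{n}", f"s{n}@10.0.0.99"))
    for n in range(20, 26)
]

def find_bye_sweeps(records, min_targets=5):
    """Return {source: [destinations]} for sources that sent a BYE with an
    unknown Call-ID to at least min_targets distinct destinations."""
    dialogs = set()              # Call-IDs seen in an INVITE
    orphans = defaultdict(set)   # source -> destinations of dialog-less BYEs
    for src, dst, raw in records:
        first = (raw.splitlines() or [""])[0]
        req, cid = REQUEST_LINE.match(first), CALL_ID.search(raw)
        if not req or not cid:
            continue             # response, or malformed request: ignore here
        method, call_id = req.group(1), cid.group(1)
        if method == "INVITE":
            dialogs.add(call_id)
        elif method == "BYE" and call_id not in dialogs:
            orphans[src].add(dst)
    # The threshold on distinct destinations keeps a single stray BYE
    # (e.g. a call that predates the capture) from raising an alert.
    return {s: sorted(d) for s, d in orphans.items() if len(d) >= min_targets}

if __name__ == "__main__":
    print(find_bye_sweeps(SAMPLE))
```

The same dialog-matching rule is what a session border controller or SIP-aware firewall applies when it drops a BYE that belongs to no call it has seen.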