Computer VoIP Phones Security
Vioce Over Internet or VOIP For Short is Promising technology for delivering the voice information over the Internet Protocol (IP) . Here you will Find Complete information on VOIP , VOIP phones, VOIP Software, VOIP gateways, VOIP Gate Keepers VOIP Proxies, VOIP SDKS etc.
Introduction
The increased use of internet and peer-to-peer networking has resulted in the proliferation of hacking and worm and virus attacks. Some technocrats envision a future where modern terrorists and thieves deliver their attacks through computer keyboards rather than bombs and guns.
Telecom and especially computer telephony have evolved as the prime target for malicious attackers for two reasons. One reason is that these are media everyone uses. Secondly internet telephony systems as they are now are potentially very vulnerable to hacking.
Reasons for Vulnerability
The reasons are not hard to find. First of all, VoIP has voice and needs a special system that converts voice into data packets before sending it across the net. Any lapse on this system can result in the calls being intercepted.
Secondly, most of (about 90%) of VoIP services operate using industry standard codes and protocols, which are open and interpretable to anyone. The same applies to IM services too. These factors make it very easy for hackers to eavesdrop or send harmful programs to the individual computers using these services. This is all the more true for peer-to-peer computer phones.
Now Let us examine what can be done to ensure better security while using VoIP services.
Voice Compression
As a first step, the VoIP service should be compressing your voice into encrypted packages before sending it across the internet and converting it back to voice at the destination. The VoIP provider should be using proprietary software for this purpose, so that no one else has the chance to intercept the data in a meaningful way.
Phone Identity Verification
The VoIP service provider should be providing you a confidential phone number and password while you download and install their computer phone software (called softphone) on your computer. This process has to combine the phone name and the hardware data from the particular computer you are using, to create a unique ID. This ID is known only to the particular VoIP’s own server. This combination of hardware and software identities will prevent unauthorized installation by another person.
Client Server Model
Ensure that the VoIP service you are choosing follows a client server model, where the client is the individual softphone installed on your computer. Moreover the Server should be protected by a secure proprietary firewall, held in a professional facility. This way, the information exchange happens strictly between the client and the server without opportunity for third-party interference. This keeps information like buddy lists, call patterns etc. remains strictly protected.
Softphone Arrangement
The VoIP service’s softphone should ideally follow the path permitted by the proprietary firewall for web browsing (mostly TCP ports 80 and 443). This way users can make calls from anywhere without compromising the firewall set up.
Also, the softphone should be in constant touch with the server to keep the server updated about its status. This can avoid the need for setting up an IP address for the PC running the softphone and also ensures user flexibility. The computer phone should also be compatible with Network Address Translation (NAT) and Port Address Translation (PAT).
Call Log
Another must have feature is a system to keep track of usage and activity. The softphone should have usage log that registers all inbound, outbound and missed calls. The VoIP service’s website also should register and record the information. Users should be able to log in using their confidential number and password to view information such as call charges.
