Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Securing VoIP Networks", Peter Thermos/Ari Takanen

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Han
    BKSVOIPN.RVW 20070913 Securing VoIP Networks , Peter Thermos/Ari Takanen, 2008, 0-321-43734-9, U$44.99/C$51.99 %A Peter Thermos %A Ari Takanen %C P.O.
    Message 1 of 1 , Nov 5, 2007
      BKSVOIPN.RVW 20070913

      "Securing VoIP Networks", Peter Thermos/Ari Takanen, 2008,
      0-321-43734-9, U$44.99/C$51.99
      %A Peter Thermos
      %A Ari Takanen
      %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
      %D 2008
      %G 978-0-321-43734-1 0-321-43734-9
      %I Addison-Wesley Publishing Co.
      %O U$44.99/C$51.99 fax: 416-443-0948 800-822-6339 bkexpress@...
      %O http://www.amazon.com/exec/obidos/ASIN/0321437349/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/0321437349/robsladesin03-20
      %O Audience s- Tech 2 Writing 1 (see revfaq.htm for explanation)
      %P 359 p.
      %T "Securing VoIP Networks"

      The foreword and preface both stress that the principles used to
      secure VoIP (Voice over Internet Protocol) systems are suitable for
      any multimedia application over the Internet. While this may be true
      in terms of the technology, the perspective indicates that the authors
      fail to recognize how many naive users are experimenting with the
      technology, and managing their own systems. The large number of
      novices in this technology space is a major threat in itself. It is a
      truism that there are social controls for technical problems, but no
      technical controls for social problems. That Thermos and Takanen
      disregard this situation is disturbing.

      Chapter one is a generic overview of telephony and VoIP related
      topics. The discussion of security is also vague. There is, for
      example, mention of the difficulty of node identification, but no
      follow up deliberation on resultant problems such as fraud. VoIP
      architectures and protocols are listed in chapter two. A structure,
      and the relationship of the protocols to each other, would have been
      an improvement. Threats are examined in chapter three: some
      nebulously and others in excruciating detail. Chapter four outlines
      two lists of vulnerabilities, and then presents a taxonomy of VoIP
      hazards based upon those previously presented. There doesn't seem to
      be much practical application to the material, although it may be of
      interest to researchers. Signalling protection mechanisms, listed in
      chapter five, are primarily based on existing Internet encryption and
      authentication protocols, except for the specialized subset of the
      H.323 suite. The Secure Real Time Protocol (SRTP) is outlined in
      chapter six. Chapter seven deals with key management, which is an
      important issue in regard to almost all the security conventions
      associated with VoIP. General network security concerns are discussed
      with some emphasis on VoIP in chapters eight and nine. Chapter ten
      examines overall Internet Service Provider (ISP) architectures in
      terms of VoIP issues. Chapter eleven revisits some topics from the
      previous three chapters.

      The text is turgid and verbose, and the use of idioms is often quite
      clumsy and annoying. While "Practical VoIP Security" (cf.
      BKPVOIPS.RVW) is older, and the current work lists some of the more
      recent protocols, it is difficult to say that Thermos and Takanen have
      provided a more useful text.

      copyright Robert M. Slade, 2007 BKSVOIPN.RVW 20070913

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      Puritanism: The haunting fear that someone, somewhere may be
      happy. - H. L. Mencken
    Your message has been successfully submitted and would be delivered to recipients shortly.