Vulnerabilities in SOHO VoIP gateways

Abstract

The technological advancements and equipment cost reductions, aid in the rapid evolution of residential networks, which evolved in to an autonomous ecosystem with more elaborate services and capabilities than previously experienced. The elements in the residential networks are using a combination of hardware, software and communication protocols with inherent security vulnerabilities due to this new configuration. One such component is the voice over IP (VoIP) gateway, which in many cases is replacing the current Internet gateway thus providing network as well as VoIP connectivity. The new VoIP gateways are required to provide greater robustness and security than the current Internet gateways since they need to support critical services such as E911 and real-time multimedia applications. This paper reflects the results of a research study that aimed at identifying security issues associated with residential VoIP gateways, including signaling and media routing, implementation, operation, and network management in order to understand their impact on end users and service providers. The findings suggest that attacks such as message, replay, amplification (i.e. Denial of Service or "DoS" ), annoyance (SPIT), and eavesdropping along with misconfiguration and several other weaknesses can have a severe impact on the subscriber's ability to communicate in an emergency or disclosure of sensitive information.