How to prevent SPIT attacks on VoIP networks?

MGaluzzi

We are looking at switch to a VoIP system, but I’m concerned about problems after making the switch from a conventional PSTN. How much of an issue are SPIT attacks on VoIP networks and what can be done to mitigate the risk?

Answer this Question

Answers

2 total
jimlynch
Vote Up (8)

SPIT Mitigation
http://en.wikipedia.org/wiki/VoIP_spam#SPIT_Mitigation

"RFC 5039 [1] contains some basic methods for the mitigation of telephone spam over SIP:

White Lists and Black Lists
Consent-Based Communications
Reputation Systems
Address Obfuscation and Limited-Use Addresses
Turing Tests, Captchas, Computational Puzzles
Payment
Legal actions"

Number6
Vote Up (5)

So far, I don’t think SPIT (SPam over IP Telephone) attacks are very common. Which isn’t to say that they don’t happen, because they do. I would expect it to be a growing problem as VoIP becomes more and more common. By its nature, a SPIT attack could take up a large amount of storage space and/or negatively impact employee productivity (a phone ringing every few minutes with another spam call does little to improve productivity), so it is something to be aware of.

There are some software solutions out there that query the incoming caller with a question that requires a verbal answer. If done well, this can prevent pre-recorded messages from getting through while being pretty painless to actual human callers. Also, talk to the VoIP service providers that you are considering. An established company should have some mitigation measures built into the system.

Ask a question

Join Now or Sign In to ask a question.
Nextdoor, a growing app for connecting people with their neighbors, wants to make those neighborhoods safer.
To make it easier for higher mobile broadband speeds using small cells, Alcatel-Lucent has joined forces with outdoor advertising company JCDecaux on the development of connected ad panels.
Charlie Herrin, the man that led the overhaul of Comcast’s cable box UI as part of its X1 platform, will be tasked with redoing the company’s relationship with its customers. Here’s a brief to-do list for Herrin in his new job.
The Shellshock Bash bug was found in a typical voice-over-IP (VoIP) phone system, opening up the possibility that many more of the business communication systems could be vulnerable if attacked.
Japan's Softbank is in talks to acquire Dreamworks Animation, The Hollywood Reporter said late Saturday citing a source. The Wall Street Journal later reported the same news citing "people familiar with the matter."
Uber is pushing back against the latest legal challenge to its business, saying accusations against it and its competitors are inaccurate and need correcting.
These are the three ways Facebook allows you to control what you share and with whom you share it. Here's the rundown.
Russia's communications regulator has ordered Facebook, Twitter and Google to join a register of social networks or face being blocked in Russia, according to a report in the newspaper Izvestia.
A new social network is generating buzz for its hard stance against paid advertising and data collection. But how the site really works, when it comes to privacy, is a little more nuanced.
The amount of personal information held by firms like Google and Facebook has made them ripe targets for data-hungry governments and intelligence agencies. But the bull's-eye on Yahoo's back may be losing its appeal.

White Papers & Webcasts

See more White Papers | Webcasts

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+