How to prevent SPIT attacks on VoIP networks?

MGaluzzi

We are looking at switch to a VoIP system, but I’m concerned about problems after making the switch from a conventional PSTN. How much of an issue are SPIT attacks on VoIP networks and what can be done to mitigate the risk?

Answer this Question

Answers

2 total
jimlynch
Vote Up (7)

SPIT Mitigation
http://en.wikipedia.org/wiki/VoIP_spam#SPIT_Mitigation

"RFC 5039 [1] contains some basic methods for the mitigation of telephone spam over SIP:

White Lists and Black Lists
Consent-Based Communications
Reputation Systems
Address Obfuscation and Limited-Use Addresses
Turing Tests, Captchas, Computational Puzzles
Payment
Legal actions"

Number6
Vote Up (5)

So far, I don’t think SPIT (SPam over IP Telephone) attacks are very common. Which isn’t to say that they don’t happen, because they do. I would expect it to be a growing problem as VoIP becomes more and more common. By its nature, a SPIT attack could take up a large amount of storage space and/or negatively impact employee productivity (a phone ringing every few minutes with another spam call does little to improve productivity), so it is something to be aware of.

There are some software solutions out there that query the incoming caller with a question that requires a verbal answer. If done well, this can prevent pre-recorded messages from getting through while being pretty painless to actual human callers. Also, talk to the VoIP service providers that you are considering. An established company should have some mitigation measures built into the system.

Ask a question

Join Now or Sign In to ask a question.
The organizers of the FirstNet LTE public safety network have the frequencies and standards they need to build the system, and they know where the money's coming from. They know how to get there from here, but it won't be a quick trip.
A bill that allows consumers to unlock their cellphones for use on other carriers passed its last hurdle in Congress on Friday, opening the way for it to become law once it is signed by President Barack Obama.
The U.S. Securities and Exchange Commission has dropped its investigation into disclosures about Facebook advertising sales before the company went public in 2012.
Facebook reported Wednesday that it now handles an average of more than 1 billion searches a day, but it still has work to do to provide a comprehensive search tool.
A majority of AT&T's new smartphone customers are now choosing a plan where they pay for their phones over time, helping to drive strong second-quarter financial results, the carrier said.
Dropbox will continue beefing up the business version of its cloud storage and file sharing service, adding security features to shared links, full-text search capabilities and new tools for enterprise developers.
Microsoft paid more than $7 billion for Nokia's handset and services business, and the jury is still out as to what it means for its future. In the past quarter it boosted Microsoft's revenue but also ate into its profit.
There's a new dating app trying to let in only the most desirable bachelors, by letting women choose who can join.
Record numbers of new tablet users, and the first rise in fixed-line revenue in seven years, drove Verizon Communications' second-quarter revenue up 5.7 percent year on year, it reported Tuesday.
Email encryption startup Virtru has launched a version of its service for businesses using Google Apps, a market segment that the company thinks is showing increased interest in secure communications.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

randomness