How to prevent SPIT attacks on VoIP networks?

MGaluzzi

We are looking at switch to a VoIP system, but I’m concerned about problems after making the switch from a conventional PSTN. How much of an issue are SPIT attacks on VoIP networks and what can be done to mitigate the risk?

Answer this Question

Answers

2 total
jimlynch
Vote Up (7)

SPIT Mitigation
http://en.wikipedia.org/wiki/VoIP_spam#SPIT_Mitigation

"RFC 5039 [1] contains some basic methods for the mitigation of telephone spam over SIP:

White Lists and Black Lists
Consent-Based Communications
Reputation Systems
Address Obfuscation and Limited-Use Addresses
Turing Tests, Captchas, Computational Puzzles
Payment
Legal actions"

Number6
Vote Up (5)

So far, I don’t think SPIT (SPam over IP Telephone) attacks are very common. Which isn’t to say that they don’t happen, because they do. I would expect it to be a growing problem as VoIP becomes more and more common. By its nature, a SPIT attack could take up a large amount of storage space and/or negatively impact employee productivity (a phone ringing every few minutes with another spam call does little to improve productivity), so it is something to be aware of.

There are some software solutions out there that query the incoming caller with a question that requires a verbal answer. If done well, this can prevent pre-recorded messages from getting through while being pretty painless to actual human callers. Also, talk to the VoIP service providers that you are considering. An established company should have some mitigation measures built into the system.

Ask a question

Join Now or Sign In to ask a question.
Europe's 700MHz band should be freed for mobile broadband by 2020, a report to the European Commission recommends.
Facebook is testing a way to let users of its mobile app search for posts shared with them in the past.
It seems like poaching drivers is par for the course in the ride-sharing industry.
Is it crazy to pay $1300 for a Chromebook? Some reflections after a year and a half of living with Google's luxurious Pixel.
Microsoft has consolidated the consumer and enterprise editions of OneDrive under a single Android app, a move it plans to replicate across all the platforms that the cloud storage service runs on.
Google Drive apps are loved for their simplicity and ease of use, but don't let that fool you. There's a whole lot of power locked up in these web apps. And while we'd never put the suite on a par with Microsoft Office, there are some impressive features in Docs, Sheets, and Slides that you've likely overlooked.
While SAP has made a big push into mobile software and device management with the acquisition of Sybase and a series of apps, it hasn't made overt moves into the devices market. But this could change down the road, judging from a recently published patent application submitted by SAP.
Links are, in many ways, the lifeblood of the Internet. They are a good thing but not when they bait you into thinking you're getting something you're not. Links, and more specifically clicking on them, may make the Internet go round, but when that stream becomes a never-ending cycle of buffoonery, scheming and outright lies on sites like Facebook it can be pretty unbearable.
Uber has come under fire this week for employing controversial recruitment practices against rival Lyft, but beyond a question of ethics some experts say the revelations could potentially put the company in legal hot water.
Cotap, a startup launched last year that provides a WhatsApp-like messaging service for the workplace, has integrated its product with four leading cloud storage providers and released a desktop app, as it jockeys for position in the enterprise communications market.