Book Review: Hacking VoIP

In a concise two hundred and eleven pages the author has attempted to cover the protocols, security threats and their countermeasures, audit issues related to Voice over Internet Protocol(VoIP). As outlined in the beginning of the book, the audience is the VoIP administrators and other related IT personnel tackling the nitty-gritties of implementation and day-to-day functioning VoIP in an enterprise network.

With a clear primary goal of discussing security exposures and their possible solutions, the book does a good job as it takes through a security specific discussion and labs on signaling via SIP(Session Initiation Protocol) and H.323. There are also discussions on security issues related to media layer as implemented via Real-time transport protocol and security issues for both signaling and media in Inter-Asterix eXchange(IAX).  

Some of the interesting topics in the book also include exploiting weaknesses in SNMP utilizing a tool such as GetIf and making free calls using VoIPBuster. The book ends with the topics on countermeasures and audit portions. Major approach presented is the ability to provide security at both the session and media layer.

With a focused audience and a clear goal, the book does justice for a technology moving towards maturity even as it finds a growing acceptance in the enterprise. Only one suggestion can be to include some more developments, solutions and techniques still not implemented in enterprise networks but having good scope.