
VoIP Security

Submitted on October 24, 2009 – 6:34 pm

Ten tips for a more secure IP PBX System

If you are in charge of a VoIP system or planning to deploy one, then VoIP security is probably one of the considerations. In this article we present ten simple tips that could help make an IP PBX System more resilient to network attacks.

  1. Protect the administrative interface by using a strong password – Most modern IP PBX servers can be configured through a web interface. While this is exceptionally practical, it is very important to choose a strong password. Some IP PBX systems might come with a default password. Leaving such defaults in operation would be asking for trouble. To ensure VoIP security, it is therefore critical that you set a strong password during installation. If your PBX server is hosted on non-proprietary hardware, chances are that it is running a Windows or Linux OS. Such systems typically have a remote administrative interface such as RDP or SSH so that systems administrators can perform maintenance tasks. Attackers are known to actively and blindly target these services by launching brute-force attacks on common usernames on the system. Therefore it is highly important to choose strong passwords for this high-privilege user access.
  2. Choose strong and unique passwords for the IP phones – Another location where passwords are used in an IP PBX Phone System is the IP Phones. Even though some PBX servers will allow you to have no password or a blank one, avoid doing this. Give each phone extension present on the IP PBX a unique and strong password. A common and classic mistake that jeopardizes VoIP security on PBX systems is to set the password the same as the extension name. For example, extension 100 would have a password “100” and so on. Attackers have long known about this tendency and it will be one of the first things that they will try to exploit. Therefore, do not make use of known patterns for these passwords.
  3. Start by implementing VoIP security during the design stage – You are more likely to get security right if it is considered a priority from the start. A healthy amount of planning will allow you to avoid security nightmares later on. VoIP security is about reducing the risk to an acceptable level rather than an achievement or product. The best way to do this is by making security a priority from the start.
  4. Segregate where possible – Security people tend to be big fans of the KISS principle – keep it simple, stupid. Segregation can often help simplify complex networks. However, it is important to note that when it comes to network design, there is no single formula that solves all VoIP security issues. Different requirements usually create different limitations, and therefore require different solutions. For example, a hotel will have different security concerns for its IP PBX system than a corporate system. In the case of a hotel phone system, the IP PBX might never need to access the rest of the system and therefore can be physically separate from the hotel internal network. On the other hand, a business IP PBX system might want to allow the help-desk department to make use of software phones and therefore would need the system to be part of the internal network.
  5. Reduce exposure to non-trusted networks – Most of the time there is no need to put the VoIP phones on the internet. Therefore the VoIP phones should be placed behind a firewall with restrictive access control rules. This can prevent VoIP spam (also known as SPIT) as well as other internet-based attacks which directly target the VoIP Phones. Similarly, if the PBX itself does not need internet access, then placing it on a protected network can greatly decrease the exposure and therefore the risk. When the IP PBX needs to have services exposed on the internet, it is good practice to allow internet access only to the required services.
  6. Make use of an IDS – In VoIP security, implementing preventive measures is only half the job. The job of the host intrusion detection system is to help systems administrators and security analysts identify possible security attacks before it is too late. A host-based intrusion detection system, or HIDS, can be useful in identifying attacks on a target system by analyzing log files, event logs and file system modifications. A network intrusion detection system, or NIDS, attempts to identify attacks by monitoring the network instead. One example of NIDS is the freely available Snort, which can be configured to monitor the network for VoIP based attacks and alert the systems administrator when such incidents occur.
  7. Monitor network usage – Another way of detecting network based attacks on an IP PBX system is to monitor network usage. Netflow is Cisco’s way of doing this by providing information about network users and applications and peak usage times. MRTG is an open source tool which also allows network operations to monitor the network usage, providing graphs to visually identify unusual network activity. Following such incidents, the persons responsible should investigate to determine whether the traffic is legitimate or not. Certain attacks targeting the VoIP PBX System, such as a password brute-force attack, are known to create a large amount of traffic and these could be detected by making use of the described methods.
  8. Harden the OS – One way to harden any operating system of your IP PBX phone system is to stop any unnecessary services. Some of these services might be IIS on Windows or Sendmail on Linux. Apart from that, there are various operating system specific things that one can do to make the base OS more secure. For example, on Windows it is recommended to disable LM and NTLM v1 unless there is a need for backwards compatibility.
  9. Use a dedicated server – When the IP PBX has various unrelated services running on it, you increase the chance of the IP PBX suffering from an intrusion. For example, if the IP PBX server is also serving as a web server hosting a possibly vulnerable web application, then an attacker exploiting the web application also gets access to the IP PBX phone system.
  10. Keep the operating system up to date – Modern operating systems are patched periodically for security flaws. Enable managed automated security updates and make sure to keep the system up to date. Hardware SIP Phones also get security updates from time to time in the form of a firmware update. Some security flaws have been known to allow attackers to turn the SIP phone into a tap device. Make sure that you have a system in place which facilitates the updating of these SIP Phones.
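The weak-password patterns named in tip 2 can be checked for mechanically. The audit below is an added example, not part of the original article or of any 3CX tooling; the function name, the 12-character minimum and the sample extension list are assumptions made for illustration.

```python
from collections import defaultdict

MIN_LENGTH = 12  # assumed policy threshold, not a value from the article


def audit_extensions(credentials):
    """Return {extension: [findings]} for every extension with a weak secret.

    `credentials` maps an extension number (str) to its authentication password.
    """
    findings = defaultdict(list)
    users_of = defaultdict(list)  # password -> extensions that use it

    for ext, pw in credentials.items():
        if not pw:
            findings[ext].append("blank password")
            continue
        users_of[pw].append(ext)
        if pw == ext:
            findings[ext].append("password equals extension")
        elif ext in pw:
            findings[ext].append("password contains extension")
        if pw.isdigit():
            findings[ext].append("digits only")
        if len(pw) < MIN_LENGTH:
            findings[ext].append(f"shorter than {MIN_LENGTH} characters")

    # Tip 2 asks for a unique password per extension, so flag any reuse.
    for exts in users_of.values():
        if len(exts) > 1:
            for ext in exts:
                others = ", ".join(e for e in exts if e != ext)
                findings[ext].append(f"password shared with {others}")
    return dict(findings)


# Constructed sample data: extension -> password as exported from a PBX.
SAMPLE = {
    "100": "100",             # the classic mistake described in tip 2
    "101": "",                # blank password
    "102": "ext102pass",      # known pattern built around the extension
    "103": "Summer2011!",     # reused on 104
    "104": "Summer2011!",
    "105": "t7#Qm2!vLx9@Rk",  # passes every check
}

if __name__ == "__main__":
    for ext, problems in sorted(audit_extensions(SAMPLE).items()):
        print(ext, "->", "; ".join(problems))
```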
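Tips 6 and 7 describe spotting a password brute-force attack from log files and traffic volume. The sketch below is an added example, not code from the article or from any PBX product: it applies a sliding-window count of failed registrations per source address to a constructed log. The log format, the event names and both thresholds are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)  # assumed look-back window
MAX_FAILURES = 5                # assumed failures per source inside the window
# Assumed log format: "<ISO timestamp> <event> src=<ip> ext=<extension>"
LINE = re.compile(r"^(\S+) (REGISTER_OK|REGISTER_FAILED) src=(\S+) ext=(\S+)$")


def detect_bruteforce(lines):
    """Return {source_ip: kind} for sources that reach MAX_FAILURES in WINDOW.

    kind is "password guessing" when every failure targets one extension and
    "extension scan" when the failures are spread over several extensions.
    Lines are expected in chronological order, as in a log file.
    """
    recent = defaultdict(deque)  # src -> (timestamp, ext) of recent failures
    alerts = {}
    for line in lines:
        m = LINE.match(line.strip())
        if not m or m.group(2) != "REGISTER_FAILED":
            continue
        ts = datetime.fromisoformat(m.group(1))
        src, ext = m.group(3), m.group(4)
        q = recent[src]
        q.append((ts, ext))
        while ts - q[0][0] > WINDOW:  # drop failures older than the window
            q.popleft()
        if len(q) >= MAX_FAILURES and src not in alerts:
            targets = {e for _, e in q}
            alerts[src] = "password guessing" if len(targets) == 1 else "extension scan"
    return alerts


# Constructed sample log (documentation IP ranges, made-up times).
SAMPLE_LOG = (
    # six failures in six seconds against extension 100
    [f"2011-12-07T18:58:{s:02d} REGISTER_FAILED src=203.0.113.7 ext=100" for s in range(6)]
    # one failure each against five different extensions
    + [f"2011-12-07T18:59:{s:02d} REGISTER_FAILED src=198.51.100.9 ext={200 + s}" for s in range(5)]
    # a phone with a mistyped password: two failures five minutes apart, then success
    + ["2011-12-07T19:00:00 REGISTER_FAILED src=192.0.2.20 ext=101",
       "2011-12-07T19:05:00 REGISTER_FAILED src=192.0.2.20 ext=101",
       "2011-12-07T19:05:10 REGISTER_OK src=192.0.2.20 ext=101"]
)

if __name__ == "__main__":
    for src, kind in detect_bruteforce(SAMPLE_LOG).items():
        print(f"ALERT {src}: {kind}")
```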

Conclusion

As VoIP is steadily gaining market share and the benefits of VoIP Telephony are being appreciated and adopted rapidly by companies around the world, it is a must to take into consideration the implications of VoIP security.

VoIP security can easily be implemented in an IP PBX, ensuring that VoIP phone systems can be protected from compromising network attacks.