Standard VoIP protocols are rife with security issues. However, with fuzzing, value-added resellers (VARs) and systems integrators can identify and patch most of these weaknesses. This tip examines this technique as well as points out a few examples.
How to use fuzzing to deter VoIP protocol attacks
Functional protocol testing, also known as "black-box testing" or "fuzzing," sends many diverse input messages to a vendor's implementation, exercising error handling routines and generating conditions never anticipated by the protocol designers or software developers.
Testing alone cannot defeat all attacks against VoIP. How you choose to deploy, configure and use your VoIP products is equally important. However, tests like these can help you reduce the inherent risk posed by SIP and H.323 protocols.
Learn more about functional protocol testing and VoIP.
Get more information on VoIP protocols and their security vulnerabilities.
For a full glossary of voice terminology, view this list of VoIP protocols.