NMON Network Monitoring: Books: Voice and Data Security

NMON Network Monitoring

Search

Advanced Search

View Cart Checkout

Location: Home » Books » Voice and Data Security

November 21, 2008

Bestsellers

•	The iPhone Developer's Cookbook: Building Applications with the iPhone SDK (Developer's Library)
•	CISSP Certification All-in-One Exam Guide, 4th Ed. (All-in-One)
•	CCNA: Cisco Certified Network Associate Study Guide: Exam 640-802
•	JavaScript: The Definitive Guide
•	CCNA Official Exam Certification Library (CCNA Exam 640-802) (Exam Certification Guide)
•	CCNA Voice Official Exam Certification Guide (640-460 IIUC) (Exam Certification Guide)
•	Microsoft SharePoint 2007 For Dummies (For Dummies (Computer/Tech))
•	MCITP Self-Paced Training Kit (Exams 70-640, 70-642, 70-643, 70-647): Windows Server 2008 Enterprise Administrator Core Requirements
•	iPhone Developer's Cookbook, The
•	Professional Android Application Development

Browse

•	Books
•	Computers
•	Electronics

New Releases

•	The iPhone Developer's Cookbook: Building Applications with the iPhone SDK (Developer's Library)
•	CCNA Voice Official Exam Certification Guide (640-460 IIUC) (Exam Certification Guide)
•	iPhone Developer's Cookbook, The
•	Professional Android Application Development
•	Social Media Marketing: An Hour a Day
•	Framework Design Guidelines: Conventions, Idioms, and Patterns for Reusable .NET Libraries (2nd Edition) (Microsoft .NET Development Series)
•	The iPhone Book: How to Do the Most Important, Useful & Fun Stuff with Your iPhone, 2nd Edition
•	Programming Microsoft Dynamics CRM 4.0 (Pro-Developer)
•	Concurrent Programming on Windows (Microsoft .NET Development Series)
•	MCTS Self-Paced Training Kit (Exam 70-503): Microsoft .NET Framework 3.5 Windows Communication Foundation (PRO-Certification)

Voice and Data Security
	Authors: David Dicenso, Dwayne Williams, Travis Good, Kevin Archer, Gregory White, Chuck Cothren, Roger Davis Creator: Gregory B. White Publisher: Sams Category: Book List Price: ~~$49.99~~ Buy New: $2.99 You Save: $47.00 (94%) Buy New/Used from $1.68 Avg. Customer Rating: (2 reviews) Sales Rank: 2208351 Media: Paperback Edition: 1st Number Of Items: 1 Pages: 504 Shipping Weight (lbs): 1.8 Dimensions (in): 9 x 7.3 x 1.1 ISBN: 0672321505 Dewey Decimal Number: 005.8 UPC: 652063321501 EAN: 9780672321504 ASIN: 0672321505 Publication Date: July 6, 2001 Availability: Usually ships in 1-2 business days

Editorial Reviews: Product Description This book addresses a need in the computer technology market where there are no books covering security on Voice Over Internet Protocol (VoIP) and networks. There are many books about security, but none that deal in telephony technologies. Voice and Data Security will enable readers to: protect data networks from the most common threats; learn what security vulnerabilities currently exist in data networks become aware of the threats the telephone network poses to the data network; use updated information to protect the data network from the telephone network; useful ways to AVOID telephone network intrusions and attacks; and learn VoIP and the security implications of this transmission technique.

Customer Reviews: Finally a book that addresses telephone security December 31, 2001 4 out of 4 found this review helpful I am a senior engineer for network security operations. I read "Voice and Data Security" (VaDS) to learn more about vulnerabilities in the voice world. A search for "voice security" here yields four results, of which VaDS is the only in-print title. Although I would have preferred VaDS to focus solely on voice security issues, I still recommend it as the only modern published reference for this critical topic. When reading VaDS, it's important to remember that all of the authors have some sort of relationship with San Antonio-based voice security company SecureLogix. That's ok, as Foundstone is the powerhouse behind the successful "Hacking Exposed" book series. Some parts of the book read like commercials for SecureLogix products like TeleSweep and TeleWall, but the authors largely focus on non-proprietary solutions to voice security. VaDS is strongest when it speaks solely to voice security issues, and, to a lesser degree, network infrastructure. I learned quite a bit about tapping phones (ch. 11), voice mail abuse (ch. 14), and voice-data convergence (ch. 5). Chapters on broadband infrastructure and exploitation were helpful. Even though the final chapter seemed out of place, its intriguing coverage of cyber law kept my attention. Less helpful were the chapters covering general security issues, such as cryptography (ch. 18), malware (ch. 19), sniffing (ch. 20), scanning (ch. 21), passwords (ch. 22), firewalls (ch. 23), IDS (ch. 24), and denial of service (ch. 26). This material is so well-covered elsewhere that its appearance did little to help VaDS distinguish itself. Chapter 27 was an exception, with its succinct discussions of popular Microsoft IIS web server vulnerabilities. Aside from including well-worn material, VaDS suffered slightly from a few technical mistakes. Explanations of buffer overflows in chapter 4 needlessly associated them with TCP-based sessions. UDP-based buffer overflows are exploited regularly. The author of this chapter also seems to believe that buffer overflows are a problem because they overwrite "user ID and privilege information" on the stack. That's rarely the case; subverting return pointers is the problem. Chapters 8 and 15, describing voice protocols like H.323, were difficult to understand, and ch. 18 (p. 283) makes an unsubstantiated claim that "a well-known Mid-East terrorist was discovered to be using steganography." Typos on pp. 155-156 appeared, and port 443 was replaced by 444 on p. 69. Overall, VaDS marks a welcome contribution to the information security community. I plan to include it in my tier two security analyst reading list, with recommendations to concentrate on its voice-related content. Hopefully the second edition will strip out the unnecessary network security coverage found elsewhere, and include more excellent explanations of voice security issues. (Disclaimer: I received a free review copy from the publisher.) Good intro to the core ideas of voice and data security November 20, 2001 2 out of 2 found this review helpful Not so long ago, the thought of running a corporate PBX on a client/server network was unthinkable, almost ludicrous. Now many companies have a VoIP (Voice Over IP) PBX via their Cisco routers. Some organizations have separate VON (Voice Over Network) systems. While the benefits of convergence are many, their security implications are often ignored or, when they are considered, are addressed too far along into the development process. That convergence is the focus of Voice and Data Security. About a third of the book addresses the fundamentals of voice and data security, covering topics such as cryptography, sniffing, and spoofing. The rest of the book deals with securing digital and voice assets. As an example, PBX and mail fraud are huge problems facing corporate America. Yet while most companies are aware of the situation, many organizations don't do all they can to secure their voice systems. This book contains an excellent policy and audit checklist on how to set up a corporate PBX policy. Items such as protection management, standards and procedures, technical safeguards, and incident response are discussed in the checklist, which alone is worth the cost of the book. A single unauthorized modem in a corporate network will undermine firewalls, cryptography, and all other protection mechanisms. Thus, the authors cover how war dialers and telephone line scanners can be used to ensure that the back doors that unauthorized corporate modems create are closed. Voice and Data Security is valuable to those needing a good introduction to the core ideas and security repercussions involved with the convergence of voice and data systems. It speaks volumes.

Powered by: Dknc, inc. and Amazon.com

For your safety and security, orders are processed through amazon.com