Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Fake MicroSoft calls
Special Forums Cybersecurity Fake MicroSoft calls Post 303011432 by Neo on Thursday 18th of January 2018 08:17:32 AM
Old 01-18-2018
I recall VoIP vulnerabilities over the years and for many years.

On another note, it is always important to keep in mind that (IT) RISK is the intersection of VULNERABILITY, THREAT & CRITICALITY.

So, even if there is a VULNERABILITY, if there is no real THREAT or CRITICALITY, then RISK is LOW.

For example, for someone who uses VoIP and is not a high profile person or spy or criminal etc who has THREATS and if a VULNERABILITY is exploited, it does not do critical harm (in the case of VoIP threats for most people who use VoIP daily), then the RISK is low.

I've been aware of possible VoIP exploits for many years, but it does not stop me from using the myriad technologies that use VoIP. This especially applies to VoIP technologies which are encrypted. LINE, What's App and I believe Skype are all encrypted and so exploiting these VoIP vulnerabilities are non trivial, as I recall, and so most users who use encrypted VoIP are not at high RISK.

There is also the RISK MITIGATION model, which combines TECHNICAL (LOGICAL) CONTROLS, PHYSICAL CONTROLS AND ADMINISTRATIVE CONTROLS, should be considered as well

Encrypting a VoIP channel is a TECHNICAL CONTROL and having a policy whereas HIGHLY SENSITIVE USERS do not use these apps unless approved is an ADMINISTRATIVE CONTROL.

It is important to keep in mind that RISK MANAGEMENT and RISK MITIGATION is a multidimensional and multifaceted approach, so VULNERABILITIES must be viewed in context to the THREAT and CRITICALITY; and RISK MITIGATION must be viewed in terms of RISK and the "best" combination of controls (ADMIN, TECH, PHYSICAL) based on RISK (and this implies budget as well).

Cheers.
This User Gave Thanks to Neo For This Post:
Don Cragun
 

2 More Discussions You Might Find Interesting

1. IP Networking

Identification of data calls & voice calls

Is there any facility to filter/identify the data calls and voice calls coming throug modem? OR Can we get the data or voice calls information through a script(preferably C Kermit)? (0 Replies)
Discussion started by: pcsaji
0 Replies

2. Windows & DOS: Issues & Discussions

Microsoft Powerpoint 2003 stops working after 12 April 2011 Microsoft Updates

For the benefit of the community this is a widespread worldwide problem affecting multiple versions of Microsoft Windows. Powerpoint erroneously reports Powerpoint presentation damaged and then often hangs. Until Microsoft sort this out, try removing Powerpoint security update KB 2464588... (0 Replies)
Discussion started by: methyl
0 Replies

LEARN ABOUT CENTOS

ekiga

Ekiga(1)							   Version 2.00 							  Ekiga(1)

NAME

       Ekiga - SIP and H.323 Voice over IP and Videoconferencing for UN*X

SYNOPSIS

       ekiga [-d level] [-c URL]

DESCRIPTION

       Ekiga  is  a SIP and H.323 VoIP, IP Telephony and Video Conferencing application which complies to the SIP and H.323 protocols. It can con-
       nect to a variety of other SIP and H323 applications including specific hardware. Ekiga can work with or without a webcam, and is  able	to
       create  pure  audio  communications  or	traditional  audio+video  communications. Ekiga was formerly known as GnomeMeeting. Ekiga has been
       designed for the GNOME desktop and therefore uses gconfd-2(1) for storing its userdata. It offers to configure  almost  every  option  from
       within the GUI. Command-line options include -d to turn on debugging during calls.  -c to call another URL.

OPTIONS

       -d level
	      turn on debugging (on the console), level should be between 1 and 4.

       -c URL Calls the given URL. Ekiga can be running or not when invoking that option. SIP, H.323 and CALLTO URLs are supported.

FILES

       /etc/gconf/gconf.xml.defaults/apps/ekiga/
	      The system wide configuration file. See gconf-config(1) for further details on gconf. (The actual place can differ depending on your
	      system's configuration)
       ~/.gconf/apps/ekiga
	      Per user configuration file. See gconf-config(1) for further details.

ENVIRONMENT

       On startup Ekiga reads the system-wide gconf schemas (like every other  GNOME2  app  should  do)  from  /etc/gconf/gconf.xml.defaults/apps.
       Every modification of the gconf keys using the GUI, gconftool or gconf-editor is reflected in real-time by Ekiga.

DOCUMENTATION

       More documentation is available in the manual available through Ekiga's Help menu. There is also a FAQ at: http://www.ekiga.org

GETTING HELP

       Feel free to join #ekiga on irc.gnome.org (GIMPnet) or the ML at:

       http://mail.gnome.org/mailman/listinfo/ekiga-list

       after having read the FAQ at

       http://www.ekiga.org/ .

AUTHOR

       Damien Sandras <dsandras at seconix dot com>

OTHER INFO

       The webpage for Ekiga is at http://www.ekiga.org.  You can find info about Ekiga there and download the latest version.	Either as packages
       for all major distributions or as sourcecode. Patched version of the libs are available, if necessary.

COPYRIGHT

       Copyright (C) 2000-2008 Damien Sandras
       This is free software licensed under the GPLv2; see the LICENSE file in the source for copying conditions. There is NO warranty;  not  even
       for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

SEE ALSO

       gconf-config(1), gconfd-1(1), gconfd-2(1), gconftool-1(1), gconftool-2(1), gconfigger(1)

Linux								  10 January 2006							  Ekiga(1)
All times are GMT -4. The time now is 01:40 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy