Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Fake MicroSoft calls
Special Forums Cybersecurity Fake MicroSoft calls Post 303011432 by Neo on Thursday 18th of January 2018 08:17:32 AM
Old 01-18-2018
I recall VoIP vulnerabilities over the years and for many years.

On another note, it is always important to keep in mind that (IT) RISK is the intersection of VULNERABILITY, THREAT & CRITICALITY.

So, even if there is a VULNERABILITY, if there is no real THREAT or CRITICALITY, then RISK is LOW.

For example, for someone who uses VoIP and is not a high profile person or spy or criminal etc who has THREATS and if a VULNERABILITY is exploited, it does not do critical harm (in the case of VoIP threats for most people who use VoIP daily), then the RISK is low.

I've been aware of possible VoIP exploits for many years, but it does not stop me from using the myriad technologies that use VoIP. This especially applies to VoIP technologies which are encrypted. LINE, What's App and I believe Skype are all encrypted and so exploiting these VoIP vulnerabilities are non trivial, as I recall, and so most users who use encrypted VoIP are not at high RISK.

There is also the RISK MITIGATION model, which combines TECHNICAL (LOGICAL) CONTROLS, PHYSICAL CONTROLS AND ADMINISTRATIVE CONTROLS, should be considered as well

Encrypting a VoIP channel is a TECHNICAL CONTROL and having a policy whereas HIGHLY SENSITIVE USERS do not use these apps unless approved is an ADMINISTRATIVE CONTROL.

It is important to keep in mind that RISK MANAGEMENT and RISK MITIGATION is a multidimensional and multifaceted approach, so VULNERABILITIES must be viewed in context to the THREAT and CRITICALITY; and RISK MITIGATION must be viewed in terms of RISK and the "best" combination of controls (ADMIN, TECH, PHYSICAL) based on RISK (and this implies budget as well).

Cheers.
This User Gave Thanks to Neo For This Post:
Don Cragun
 

2 More Discussions You Might Find Interesting

1. IP Networking

Identification of data calls & voice calls

Is there any facility to filter/identify the data calls and voice calls coming throug modem? OR Can we get the data or voice calls information through a script(preferably C Kermit)? (0 Replies)
Discussion started by: pcsaji
0 Replies

2. Windows & DOS: Issues & Discussions

Microsoft Powerpoint 2003 stops working after 12 April 2011 Microsoft Updates

For the benefit of the community this is a widespread worldwide problem affecting multiple versions of Microsoft Windows. Powerpoint erroneously reports Powerpoint presentation damaged and then often hangs. Until Microsoft sort this out, try removing Powerpoint security update KB 2464588... (0 Replies)
Discussion started by: methyl
0 Replies

LEARN ABOUT DEBIAN

net::dns::sec::tools::timetrans

timetrans(3pm)						User Contributed Perl Documentation					    timetrans(3pm)

NAME

       Net::DNS::SEC::Tools::timetrans - Convert an integer seconds count into text units.

SYNOPSIS

	 use Net::DNS::SEC::Tools::timetrans;

	 $timestring = timetrans(86488);

	 $timestring = fuzzytimetrans(86488);

DESCRIPTION

       The timetrans() interface in Net::DNS::SEC::Tools::timetrans converts an integer seconds count into the equivalent number of days, hours,
       and minutes.  The time converted is a relative time, not an absolute time.  The returned time is given in terms of days, hours, minutes,
       and seconds, as required to express the seconds count appropriately.

       The fuzzytimetrans() interface converts an integer seconds count into the equivalent number of weeks or days or hours or minutes.  The unit
       chosen is that which is most natural for the seconds count.  One decimal place of precision is included in the result.

INTERFACES

       The interfaces to the Net::DNS::SEC::Tools::timetrans module are given below.

   timetrans()
       This routine converts an integer seconds count into the equivalent number of days, hours, and minutes.  This converted seconds count is
       returned as a text string.  The seconds count must be greater than zero or an error will be returned.

       Return Values:

	   If a valid seconds count was given, the count converted into the
	       appropriate text string will be returned.

	   An empty string is returned if no seconds count was given or if
	       the seconds count is less than one.

   fuzzytimetrans()
       This routine converts an integer seconds count into the equivalent number of weeks, days, hours, or minutes.  This converted seconds count
       is returned as a text string.  The seconds count must be greater than zero or an error will be returned.

       Return Values:

	   If a valid seconds count was given, the count converted into the
	       appropriate text string will be returned.

	   An empty string is returned if no seconds count was given or if
	       the seconds count is less than one.

EXAMPLES

       timetrans(400) returns 6 minutes, 40 seconds

       timetrans(420) returns 7 minutes

       timetrans(888) returns 14 minutes, 48 seconds

       timetrans(86400) returns 1 day

       timetrans(86488) returns 1 day, 28 seconds

       timetrans(715000) returns 8 days, 6 hours, 36 minutes, 40 second

       timetrans(720000) returns 8 days, 8 hours

       fuzzytimetrans(400) returns 6.7 minutes

       fuzzytimetrans(420) returns 7.0 minutes

       fuzzytimetrans(888) returns 14.8 minutes

       fuzzytimetrans(86400) returns 1.0 day

       fuzzytimetrans(86488) returns 1.0 day

       fuzzytimetrans(715000) returns 1.2 weeks

       fuzzytimetrans(720000) returns 1.2 weeks

COPYRIGHT

       Copyright 2004-2012 SPARTA, Inc.  All rights reserved.  See the COPYING file included with the DNSSEC-Tools package for details.

AUTHOR

       Wayne Morrison, tewok@tislabs.com

SEE ALSO

       timetrans(1)

perl v5.14.2							    2012-06-18							    timetrans(3pm)
All times are GMT -4. The time now is 02:02 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy