« Interview by Eric Krapf of NoJitter on FBI Report of Telephony Denial of Service (TDoS) Attacks | Main | Voice Over IP (VoIP) Telephony Denial of Service (TDoS) Attack Article Summary »

June 25, 2010

Comments

David Merrick

Thanks for posting this. There is an unsettling lack of information out there about the seriousness of the TDOS threat. Aside from the FBI's press release last month and coverage in Wired, nobody is talking about it. I'm looking forward to reading your follow-up about mitigation approaches!

Mark Collier

Thanks for the comment. We may be seeing more public information about more serious attacks. I will post some info on mitigation techniques next week.

M Zubair Rafique

I like the new name "Telephony DoS (TDoS)" given to this attack scenario. I would like to know how in real VoIP network IDs are spoofed? Isn't the VoIP service providers allows the authenticated users only to setup calls to the other legitimate users? Thanks for the post. Your efforts are really admirable in this regard.

Mark collier

Thanks for the comment. There is no active legislation that prohibits spoofing caller ID, either in VoIP or TDM networks. Even it there was, it wouldn't stop determined attackers. Service providers do not enforce caller ID authentication. And by the way, the caller ID for the TDoS calls I am aware of DID have spoofed caller ID.

Fffrrr.wordpress.com

Nice post, but what about the sip trunks? how they are affected?

Mark Collier

Thanks for the post. The attack is pretty much identical for SIP or TDM. It just appears as a flood of calls with some audio content. Most of the attacks we heard of are on TDM (because the vast majority of trunking in NA is TDM), but some occurred on SIP as well. Solutions to the problem are pretty much the same for TDM and SIP.

Jason

I have been in this industry for many years not and I do know what a DDOS is, but I have never heard of TDoS so far. I guess VOIP is getting too popular and naturally targeted by abusers.

I have been using switch2voip's services for quite some time now and they prove to be very reliable. Never had any simialr issues so far.

Mark Collier

Thanks for the comment. TDoS is DoS or DDOS, but rather than just packets, it is fully set up malicious calls, over TDM or SIP. VoIP is popular and used to generate the attacks. We don't commonly see TDoS per se - we see lots of malicious calls, harassing callers, SPAM, vishing, call pumping, etc. The volume is often not enough to create a TDoS condition, but as the ability to amp up the volume increases, we will seen more TDoS.

Ip pbxs

Excellent! Thank you for sharing this. Looking forward to more.

Peter

I had this same problem 2 years ago with another provider, my server was attacked and i lost almost $800 dollars, they are stealing the voip credits, now i use Ip authentication and changed provider to http://www.switch2voip.us, working happy ever since.

The comments to this entry are closed.

My Photo

Search Blog

  • Search Blog
    Google

    WWW
    voipsecurityblog.typepad.com

Become a Fan

Telephony Denial of Service (TDoS)