Great Asterisk PBX and VOIP Books to Read

Practical VoIP Security

This book was written for the thousands of IT professionals-from CIOs to circuit-switched telecom engineers-who are now responsible for deploying and maintaining secure VoIP networks. The book explains the impact on your VoIP network of PSTN, SIP, H.323, firewalls, NAT, encryption, and the regulatory environment. Coverage includes evaluation, design, integration, and management of VoIP networking components, including IP telephones, gateways, gatekeepers, registration servers, media servers, and proxy servers. Throughout the book, the authors rely on their extensive real-world experience to provide readers with practical applications and solutions.

• VoIP Isn't Just Another Data Protocol
  IP telephony uses the Internet architecture, similar to any other data application. However, from a security administrator's point of view, VoIP is different. Understand why.

• What Functionality Is Gained, Degraded, or Enhanced on a VoIP Network?
  Find out the issues associated with quality of service, emergency 911 service, and the major benefits of VoIP.

• The Security Considerations of Voice Messaging
  Learn about the types of security attacks you need to protect against within your voice messaging system.

• VoIP and the Public Switched Telephone Network (PSTN)
  Understand PSTN: what is it, and how does it work?

• VoIP Communication Architectures
  See how products like Skype, H.248, IAX, and Microsoft Live Communications Server 2005

• The Support Protocols of VoIP Environments
  Learn the services, features, and security implications of DNS, TFTP, HTTP, SNMP, DHCP, RSVP, SDP, and SKINNY.

• Securing the Whole VoIP Infrastructure
  Your guide to Denial-of-Service attacks, VoIP service disruption, call hijacking and interception, H.323-specific attacks, and SIP-specific attacks.

• Authorized Access Begins with Authentication
  Learn the methods of verifying both the user identity and the device identity in order to secure a VoIP network.

• Secure Internet Mail
  See how S/MIME provides cryptographic security services for electronic messaging applications.

Buy Practical VoIP Security

Switching to VoIP

More and more businesses today have their receive phone service through Internet instead of local phone company lines. Many businesses are also using their internal local and wide-area network infrastructure to replace legacy enterprise telephone networks. This migration to a single network carrying voice and data is called convergence, and it's revolutionizing the world of telecommunications by slashing costs and empowering users. The technology of families driving this convergence is called VoIP, or Voice over IP.

VoIP has advanced Internet-based telephony to a viable solution, piquing the interest of companies small and large. The primary reason for migrating to VoIP is cost, as it equalizes the costs of long distance calls, local calls, and e-mails to fractions of a penny per use. But the real enterprise turn-on is how VoIP empowers businesses to mold and customize telecom and datacom solutions using a single, cohesive networking platform. These business drivers are so compelling that legacy telephony is going the way of the dinosaur, yielding to Voice over IP as the dominant enterprise communications paradigm.

Developed from real-world experience by a senior developer, O'Reilly's Switching to VoIP provides solutions for the most common VoIP migration challenges. So if you're a network professional who is migrating from a traditional telephony system to a modern, feature-rich network, this book is a must-have. You'll discover the strengths and weaknesses of circuit-switched and packet-switched networks, how VoIP systems impact network infrastructure, as well as solutions for common challenges involved with IP voice migrations. Among the challenges discussed and projects presented:

• building a softPBX
• configuring IP phones
• ensuring quality of service
• scalability
• standards-compliance
• topological considerations
• coordinating a complete system ?switchover?
• migrating applications like voicemail and directory services
• retro-interfacing to traditional telephony
• supporting mobile users
• security and survivability
• dealing with the challenges of NAT

To help you grasp the core principles at work, Switching to VoIP uses a combination of strategy and hands-on "how-to" that introduce VoIP routers and media gateways, various makes of IP telephone equipment, legacy analog phones, IPTables and Linux firewalls, and the Asterisk open source PBX software by Digium. You'll learn how to build an IP-based or legacy-compatible phone system and voicemail system complete with e-mail integration while becoming familiar with VoIP protocols and devices. Switching to VoIP remains vendor-neutral and advocates standards, not brands. Some of the standards explored include:

• SIP
• H.323, SCCP, and IAX
• Voice codecs
• 802.3af
• Type of Service, IP precedence, DiffServ, and RSVP
• 802.1a/b/g WLAN

If VoIP has your attention, like so many others, then Switching to VoIP will help you build your own system, install it, and begin making calls. It's the only thing left between you and a modern telecom network.

Buy Switching to VoIP

Hacking VoIP: Protocols, Attacks, and Countermeasures

Voice over Internet Protocol (VoIP) networks have freed users from the tyranny of big telecom, allowing people to make phone calls over the Internet at very low or no cost. But while VoIP is easy and cheap, it's notoriously lacking in security. With minimal effort, hackers can eavesdrop on conversations, disrupt phone calls, change caller IDs, insert unwanted audio into existing phone calls, and access sensitive information.

Hacking VoIP takes a dual approach to VoIP security, explaining its many security holes to hackers and administrators. If you're serious about security, and you either use or administer VoIP, you should know where VoIP's biggest weaknesses lie and how to shore up your security. And if your intellectual curiosity is leading you to explore the boundaries of VoIP, Hacking VoIP is your map and guidebook.

Hacking VoIP will introduce you to every aspect of VoIP security, both in home and enterprise implementations. You'll learn about popular security assessment tools, the inherent vulnerabilities of common hardware and software packages, and how to:

• Identify and defend against VoIP security attacks such as eavesdropping, audio injection, caller ID spoofing, and VoIP phishing
• Audit VoIP network security
• Assess the security of enterprise-level VoIP networks such as Cisco, Avaya, and Asterisk, and home VoIP solutions like Yahoo! and Vonage
• Use common VoIP protocols like H.323, SIP, and RTP as well as unique protocols like IAX
• Identify the many vulnerabilities in any VoIP network

Whether you're setting up and defending your VoIP network against attacks or just having sick fun testing the limits of VoIP networks, Hacking VoIP is your go-to source for every aspect of VoIP security and defense.

Buy Hacking VoIP: Protocols, Attacks, and Countermeasures

Taking Charge of Your VoIP Project (Network Business)

Strategies and solutions for successful VoIP deployments

Justify your network investment

• The step-by-step approach to VoIP deployment and management enables you to plan early and properly for successful VoIP integration with your existing systems, networks, and applications.
• The detailed introduction offers a common grounding for members of both the telephony and data networking communities.
• IT managers and project leaders are armed with details on building a business case for VoIP, including details of return-on-investment (ROI) analysis and justification.
• A VoIP deployment is presented as a major IT project, enabling you to understand the steps involved and the required resources.
• The comprehensive look at quality of service and tuning describes when and where to use them in a VoIP deployment. These are often the most complex topics in VoIP; you'll get smart recommendations on which techniques to use in various circumstances.
• You learn how to plan for VoIP security, including prevention, detection, and reaction.

Voice over IP (VoIP) is the telephone system of the future. Problem is, VoIP is not yet widely deployed, so there are few skilled practitioners today. As you make your move to VoIP, how will you know how to make VoIP work and keep it working well? What changes will you need to make without disrupting your business? How can you show your return on this investment?

Many books contain technical details about VoIP, but few explain in plain language how to make it run successfully in an enterprise. Taking Charge of Your VoIP Project provides the detailed plans you need to be successful in your organization's deployment of VoIP. Through their years of work in the field, authors John Q. Walker and Jeffrey T. Hicks bring a project-oriented approach to VoIP, with much-needed clarity on getting VoIP to work well.

Taking Charge of Your VoIP Project starts with simple concepts, each chapter building on the knowledge from the last. Although not a technical manual, you learn about the standards, such as H.323, G.711, and Real-Time Transport Protocol (RTP), and the implications they have on your VoIP system. Most importantly, you'll gain expert advice and a systematic guide on how to make VoIP work for your organization.

This volume is in the Network Business Series offered by Cisco Press. Books in this series provide IT executives, decision makers, and networking professionals with pertinent information on today's most important technologies and business strategies.

Buy Taking Charge of Your VoIP Project (Network Business)

VoIP For Dummies (For Dummies (Computer/Tech))

See how to get started with VoIP, how it works, and why it saves you money

VoIP is techspeak for "voice over Internet protocol," but it could spell "saving big bucks" for your business! Here's where to get the scoop in plain English. Find out how VoIP can save you money, how voice communication travels online, and how to choose the best way to integrate your phone system with your network at home or at the office.

Discover how to:

• Use VoIP for your business or home phone service
• Choose the best network type
• Set up VoIP on a wireless network
• Understand transports and services
• Demonstrate VoIP's advantages to management

Buy VoIP For Dummies (For Dummies (Computer/Tech))

Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures

In Securing VoIP Networks, two leading experts systematically review the security risks and vulnerabilities associated with VoIP networks and offer proven, detailed recommendations for securing them. Drawing on case studies from their own fieldwork, the authors address VoIP security from the perspective of real-world network implementers, managers, and security specialists. The authors identify key threats to VoIP networks, including eavesdropping, unauthorized access, denial of service, masquerading, and fraud; and review vulnerabilities in protocol design, network architecture, software, and system configuration that place networks at risk. They discuss the advantages and tradeoffs associated with protection mechanisms built into SIP, SRTP, and other VoIP protocols; and review key management solutions such as MIKEY and ZRTP. Next, they present a complete security framework for enterprise VoIP networks, and provide detailed architectural guidance for both service providers and enterprise users.

1 Introduction

2 VoIP Architectures and Protocols

3 Threats and Attacks

4 VoIP Vulnerabilites

5 Signaling Protection Mechanisms

6 Media Protection Mechanisms

7 Key Management Mechanisms

8 VoIP and Network Security Controls

9 A Security Framework for Enterprise VoIP Networks

10 Provider Architectures and Security

11 Enterprise Architectures and Security

Buy Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures

VoIP Hacks: Tips & Tools for Internet Telephony (Hacks)

VoIP is simply overflowing with hack potential, and VoIP Hacks is the practical guide from O'Reilly that presents these possibilities to you. It provides dozens of hands-on projects for building a VoIP network, showing you how to tweak and customize a multitude of exciting things to get the job done. Along the way, you'll also learn which standards and practices work best for your particular environment. Among the quick and clever solutions showcased in the book are those for:

• gauging VoIP readiness on an enterprise network
• using SIP, H.323, and other signaling specifications
• providing low-layer security in a VoIP environment
• employing IP hardphones, analog telephone adapters, and softPBX servers
• dealing with and avoiding the most common VoIP deployment mistakes

In reality, VoIP Hacks contains only a small subset of VoIP knowledge-enough to serve as an introduction to the world of VoIP and teach you how to use it to save money, be more productive, or just impress your friends. If you love to tinker and optimize, this is the one technology, and the one book, you must investigate.

Buy VoIP Hacks: Tips & Tools for Internet Telephony (Hacks)

Asterisk: The Future of Telephony

That's why many IT administrators and developers are actively looking to set up VoIP-based private telephone switching systems within the enterprise. The efficiency that network users can reach with it is almost mind-boggling. And cheap, if the system is built with open source software like Asterisk. There are commercial VoIP options out there, but many are expensive systems running old, complicated code on obsolete hardware. Asterisk runs on Linux and can interoperate with almost all standards-based telephony equipment. And you can program it to your liking.

Asterisk's flexibility comes at a price, however: it's not a simple system to learn, and the documentation is lacking. Asterisk: The Future of Telephony solves that problem by offering a complete roadmap for installing, configuring, and integrating Asterisk with existing phone systems. Our guide walks you through a basic dial plan step by step, and gives you enough working knowledge to set up a simple but complete system.

What you end up with is largely up to you. Asterisk embraces the concept of standards-compliance, but also gives you freedom to choose how to implement your system. Asterisk: The Future of Telephony outlines all the options, and shows you how to set up voicemail services, call conferencing, interactive voice response, call waiting, caller ID, and more. You'll also learn how Asterisk merges voice and data traffic seamlessly across disparate networks. And you won't need additional hardware. For interconnection with digital and analog telephone equipment, Asterisk supports a number of hardware devices.

Ready for the future of telephony? We'll help you hook it up.

Buy Asterisk: The Future of Telephony

Configuration Guide for Asterisk PBX

The configuration guide for Asterisk PBX is a self-training material for the Digium's award winning open source software. With 370 pages and 15 chapters is one the most complete guides for open source IP telephony. It is now ready for the version 1.4.

Buy Configuration Guide for Asterisk PBX