The Single Most Important Thing to Know About
Computer Phones (VoIP)
By Dee Scrip
Over 90% of computer phones (VoIP) are not secure because they use a public
known codex (publicly known encryption of sound packets) and a publicly known
protocol to transport voice conversations. Therefore, users of these type of services
are unknowingly exposing themselves to anyone who wants to listen in or access
their confidential information. In addition, because of the public openness, the user’s
computer’s vulnerability can result in a costly computer crash and total loss of all
information.
Peer-to-peer computer phones are on unsecure lines.
There are five areas to address when checking for Security when looking for a VoIP
Service Provider. Here’s how a VoIP Service should protect your security,
whether on dial-up, wireless, satellite, or cable connections.
1. Call Security: A VoIP service’s audio (your voice) should compress your voice into
proprietary encryption packets to travel across the Internet, and return back to voice
at destination. That particular VoIP service should host proprietary software, and as
such, the only one that can interpret the voice and data contained in those packets.
2. Computer Phone Identity: When your first download and install a VoIP provider’s
computer phone, a confidential phone number and password should be given to
protect against unauthorized installation.
To protect against unauthorized installation, your computer phone’s setup process
should combine the phone name and hardware data from the PC on which it was
installed to create a unique ID string known only to that VoIP’s own server. Because
of the association between the unique ID with that particular PC, it prevents one
person from reconfiguring their VoIP service’s computer phone to spoof another. It
also prevents someone from copying that VoIP service’s software to another PC
and then using it without having gone through the password-protected installation
process.
3. Client Server Model: The VoIP service should follow a client-server model. The
client is the softphone offered by a particular VoIP service. That particular VoIP
service’s Server should be behind a highly secure proprietary firewall hosted in a
professional facility. Any information shared should therefore only be between the
client and server of that particular VoIP service. This means, that unlike some peer-
to-peer solutions, private information about “buddy” lists or call patterns, etc.,
remains entirely confidential.
4. Softphone Setup: Firewalls vary widely and each network configuration may be
quite different. When a VoIP service’s softphone first initializes, it discovers its
ability to reach that VoIP’s service server, as well as a variety of ports and
protocols for placing calls, depending on the results of its discovery. In a strict
environment, the VoIP service’s softphone uses the same path the proprietary
firewall already permits for web browsing (typically TCP ports 80 and 443). This
allows users to make calls from anywhere without compromising or reconfiguring their
own firewalls.
The VoIP service’s softphone should be able to initiate conversations with that VoIP
service’s server and keep the server updated as to its status. By doing this, no public
IP address needs to be setup for the PC running the computer phone. It also enables
user flexibility without concern about security or privacy when moving from network to
network. The VoIP service’s computer phone should be compatible with Network
Address Translation (NAT) and Port Address Translation (PAT), and the kind of
dynamic addressing that is found in wireless “hotspots”, hotel internet access, and
dial-up.
5. Monitoring Capability: A strong security model should include an auditing
mechanism to monitor usage and activity. This means that each computer phone
should include its own usage log, enabling users to look through their own personal
history of inbound, outbound, and missed calls. In addition, the VoIP service’s
website should provide users the ability to view all individual phone call charges
using the already set up confidential number and password.
Dee Scrip and her close friend Andy Murray operate the website
http://www.whypay4calls.com. Where you can experience a 7 day free trial with a
secure line on patented technology. NO contracts, obligations, or hassles!
Computer Phones (VoIP)
By Dee Scrip
Over 90% of computer phones (VoIP) are not secure because they use a public
known codex (publicly known encryption of sound packets) and a publicly known
protocol to transport voice conversations. Therefore, users of these type of services
are unknowingly exposing themselves to anyone who wants to listen in or access
their confidential information. In addition, because of the public openness, the user’s
computer’s vulnerability can result in a costly computer crash and total loss of all
information.
Peer-to-peer computer phones are on unsecure lines.
There are five areas to address when checking for Security when looking for a VoIP
Service Provider. Here’s how a VoIP Service should protect your security,
whether on dial-up, wireless, satellite, or cable connections.
1. Call Security: A VoIP service’s audio (your voice) should compress your voice into
proprietary encryption packets to travel across the Internet, and return back to voice
at destination. That particular VoIP service should host proprietary software, and as
such, the only one that can interpret the voice and data contained in those packets.
2. Computer Phone Identity: When your first download and install a VoIP provider’s
computer phone, a confidential phone number and password should be given to
protect against unauthorized installation.
To protect against unauthorized installation, your computer phone’s setup process
should combine the phone name and hardware data from the PC on which it was
installed to create a unique ID string known only to that VoIP’s own server. Because
of the association between the unique ID with that particular PC, it prevents one
person from reconfiguring their VoIP service’s computer phone to spoof another. It
also prevents someone from copying that VoIP service’s software to another PC
and then using it without having gone through the password-protected installation
process.
3. Client Server Model: The VoIP service should follow a client-server model. The
client is the softphone offered by a particular VoIP service. That particular VoIP
service’s Server should be behind a highly secure proprietary firewall hosted in a
professional facility. Any information shared should therefore only be between the
client and server of that particular VoIP service. This means, that unlike some peer-
to-peer solutions, private information about “buddy” lists or call patterns, etc.,
remains entirely confidential.
4. Softphone Setup: Firewalls vary widely and each network configuration may be
quite different. When a VoIP service’s softphone first initializes, it discovers its
ability to reach that VoIP’s service server, as well as a variety of ports and
protocols for placing calls, depending on the results of its discovery. In a strict
environment, the VoIP service’s softphone uses the same path the proprietary
firewall already permits for web browsing (typically TCP ports 80 and 443). This
allows users to make calls from anywhere without compromising or reconfiguring their
own firewalls.
The VoIP service’s softphone should be able to initiate conversations with that VoIP
service’s server and keep the server updated as to its status. By doing this, no public
IP address needs to be setup for the PC running the computer phone. It also enables
user flexibility without concern about security or privacy when moving from network to
network. The VoIP service’s computer phone should be compatible with Network
Address Translation (NAT) and Port Address Translation (PAT), and the kind of
dynamic addressing that is found in wireless “hotspots”, hotel internet access, and
dial-up.
5. Monitoring Capability: A strong security model should include an auditing
mechanism to monitor usage and activity. This means that each computer phone
should include its own usage log, enabling users to look through their own personal
history of inbound, outbound, and missed calls. In addition, the VoIP service’s
website should provide users the ability to view all individual phone call charges
using the already set up confidential number and password.
Dee Scrip and her close friend Andy Murray operate the website
http://www.whypay4calls.com. Where you can experience a 7 day free trial with a
secure line on patented technology. NO contracts, obligations, or hassles!
| VOIP Solution Journal.com |
| ____________________________________________________________________ |
| ____________________________________________________________________ |
| VoIP Course ID 104 |
| Selecting a VoIP Solution- Business VoIP Service. VoIp Solutions, providers, Service, resources, articles, tips, and help for selecting a VoIp Solution Today! |
| Copyright © voipsolutionjournal.com - 2007 All Rights Reserved - VOIP Solution Journal VoIP Solution Journal Selecting a VoIP Solution for Home or Business. VoIp Solutions, providers, Service, resources, articles, tips, and information for selecting a VoIp Solution. |