0 of 1 people found the following review helpful
Practical and useful book that will get you started Hacking VoIP,
This review is from: Hacking VoIP: Protocols, Attacks, and Countermeasures (Paperback)
This is a very short book, so I will try to keep the review short too.
I have tried to stay clear of VoIP networks, phones, software, hacking - while keeping an eye out for major problems. The monster called VoIP includes just to many protocols and I have a lot of work doing internet security as it is.
During the last few years though, people are moving even more into VoIP phones and thus I have read a few resources about VoIP, attended a few conference presentations about VoIP security - but not really gotten dirty with hacker tools for VoIP. I asked for a review copy of this book and one was provided by the nice people of No Starch.
This has changed and this book is the reason, because Hacking VoIP is a very practical book that will get you started hacking VoIP networks.
The book is very short, which is great, I like books that you can actually read from cover to cover. The content is also presented clearly with excellent wording and just enough detail to get me started. The book also list precise tools, programs and even allows you to download configurations and special tools.
The problems described are very real and the scenarios are precisely what is found in real life. The target audience for this book is specified as VoIP administrators, but being a security consultant myself I think the actual target audience is a bit wider. The level needed to do the lab exercises is consistent with a VoIP administrator, which have had some experience using Asterisk/BackTrack.
This book also present a VoIP Security Audit Program (VSAP) which I think is a great idea and resource for people to audit their own systems.
To summarize the Good stuff:
Short - this book is short, so you can actually finish it
Practical - using the tools described you will be able to get a VoIP network running quickly
Contents - Specific VoIP stuff, not generic hacker stuff
Writing style - excellent
The Bad stuff about this book:
Repeated content - chapter 8 contains some sniffing and injection which is repeated from chapter 4, including half page screen shoots :-( This might be more of an editorial problem, but having a 200 page book which repeats itself?!
More content would be interesting, for example fuzzing is introduced but more could have been described. Clearly the author has a lot of knowledge about hacking VoIP, so I think he could have easily added another 50-100 pages more.
The book does whet my appetite and lets me get started Hacking VoIP immediately which is the goal. Having obtained that goal I will be able to continue working with VoIP security and understand the new attacks being published. I recommend it for people getting into this area.
(1 customer review)