Monday – SBC-Session Border Controllers – Getting Serious about VoIP
Security

Tuesday – Worms, Trojans, Backdoor Trojans and other Polymorphic nasty
things

Wednesday – SIP Provides Presence – "Who's Who"

Thursday – Wireless LOS-Line-Of-Site or Sight?

Friday – Weighted Fair Queuing – Getting Stuck In Line

The complete text is available in the TECHtionary Group on Yahoo:
http://groups.yahoo.com/group/techtionary/ and the animated tutorials
are available at: http://www.techtionary.com

Special Notice – Call for Papers and Registration for International
Security Symposium – VoIP – June 2006 – Boulder, Colorado – For more
information http://www.techtionaryna.com/iss/iss-callforpapers.pdf

Sponsored by TBI – A Master Agency Representing over 600 Agents with
innovative solutions for Voice, WAN, VoIP, SAN, SPAM, Total Care and
other services available at http://www.tbicom.com.
About TECHtionary
TECHtionary.com http://www.techtionary.com is the World's First and
Largest Animated Library/Magazine on Technology - Web Hosting
Magazine's Editor's Choice for Technical Help. TECHtionary produces
white papers, magazine articles, indepth product reviews, training
tools and custom animations. Call 303-594-3047 or email
cross@... to let us show you how we can help you exciting new
tutorials on your products and services.
TECHtionary also publishes animated medical tutorials at
http://www.msnopedia.com.
Job opportunities and postings can be found at Ciscopedia –
http://www.ciscopedia.com.


Monday TECHtionary.com TECH-Tip – SBC-Session Border Controllers –
Getting Serious about VoIP Security
The animated TECH-Tip tutorial is available at http://www.techtionary.com
The archive animated TECH-Tip tutorial is available at
http://www.techtionary.com/members/slides/s/sip-h323-sessioncontroller.swf
Summary
SC-Session Controllers or SBC-Session Border Controllers are access
devices operate at Layer 5 Session Layer, where as routers operate at
Layer 3 Network.
Details
In this week's Tommy's TECH-Tip we will explore VoIP security. Many
of the details are in the animated version only. However, here is the
introductory text. In the world of carrier and enterprise VoIP-Voice
over Internet Protocol, security is becoming the top priority before
implementation, not afterward. The emerging technology to provide
that large-scale security is a SBC-Session Border Controller.
SC-Session Controllers or SBC-Session Border Controllers are access
devices operate at Layer 5 Session Layer, where as routers operate at
Layer 3 Network. According to one enduser, "The primary function of
the SBC is to serve, basically, as a SIP aware NATing Firewall." Some
of the key SBC functions are:
- Secure network peering - private and public to enhance performance
- Topology hiding - using various types of inter-AS-Autonomous System
features as well as separating media (voice) and hide signaling (IP
addresses) data streams (traffic)
- Border call routing - routing at AS level rather than with interior
protocols
- Interoperability - access/restrict to reduce voice spam
- QoS & Call Admission Control - load/jitter correction
- Billing systems interoperability - reduce billing errors
- NAT-Network Address Translation - routing for maximum performance
- CALEA-Communications Assistance for Law Enforcement Act - discussed next
- Compatibility with billing - discussed in the animated tutorial
- Dialect conversion - discussed in the animated tutorial
- Protocol conversion - discussed in the animated tutorial
- Codec conversion - discussed in the animated tutorial
- Firewall restrictions - discussed in the animated tutorial
Various types of stateful (interconnect different networks such as
H.323, MGCP-Media Gateway Control Protocol and SIP-Session Initiation
Protocol) and stateless (same networks) Session Controllers exist
depending on the VoIP Network features required.

-----
Tuesday TECHtionary.com TECH-Tip – Worms, Trojans, Backdoor Trojans
and other Polymorphic nasty things
The animated TECH-Tip tutorial available at http://www.techtionary.com
The archive animated TECH-Tip tutorial is available at
http://www.techtionary.com/members/slides/v/virus.swf
Summary
A fundamental definition of a Virus is a program or unsolicited
program that changes data on a computer without consent.
Details
Advanced viruses can also attack the BIOS-Basic Input Output System
software and hardware.
Worm viruses are programs which can duplicate or replicate themselves
across computers or via email to other networks.
Macro viruses are programs that use common software commands called
macros (copy, paste-ADD, delete) to replace existing functions in word
processing, spreadsheets, presentation programs.
Trojan Horses like those of Greek history where a wooden horse was
left with soldiers hidden inside are programs that are something other
than what they appear to be or a disguise for a virus. Backdoor
Trojan Horses are programs that enter as one program and take control
of the computer or program.
Polymorphoric viruses are programs that mutates into another program
like an email message that transforms into an executable program and
may change EACH time it infects a computer.
Some suggestions regarding viruses: - Use virus scanning software on
all computers and devices that interact with computers such as
LAN-Local Area Networks, zip drives, floppy disks and CD-ROM disks as
well as any other network interface such as the internet, VPNs-Virtual
Private Networks and potentially even PDA-Personal Digital Assistants
and other devices. - Do not open email unless from known sources and
even then after scanning. - Do not open email from known sources
regarding any notice of "Warning About Virus" as it may be a hoax
containing a real virus. - Regarding web sites - HTML and "cookies"
cannot spread a virus, however, Java Applets, ActiveX, VBS-Visual
Basic Script. CGI-Common Gateway Interface scripts and other programs
can AUTOMATICALLY spread a virus. - Understand firewalls stop only
certain programs and not sufficient protection for viruses. According
to Network World magazine "A Firewall won't protect your from network
slowdowns, spam, libelous postings, offensive e-mails, recreational
surf abuse, hacker or any other legal liability." - In our opinion,
there is no such thing as anything more than minimal protection.
-----
Wednesday TECHtionary.com TECH-Tip – SIP Provides Presence – "Who's Who"
The animated TECH-Tip tutorial is available at http://www.techtionary.com
The archive animated TECH-Tip tutorial is available at
http://www.techtionary.com/members/slides/j/jitter.swf
Summary
Transcoding is the process of conversion between the switched and
packet environments. However, Asynchronous Transcoding is to be
avoided. According to Intel, "The term "asynchronous transcoding"
refers to a situation when, for example, one endpoint is talking G.711
to another endpoint talking G.723 (two different encodings)."
Details
Here is an example of SIP-Session Initiation Protocol used for instant
messaging. The function of a Presence Server is to manage access,
connections, directory (who's who), billing and tracking and other
management functions. Here is an example of SIP-Session Initiation
Protocol used for enhanced, multi-user, multi-media conferencing.
Note internet access or VXML-Voice eXtensible Markup Language
applications can be directed based on an Exception-triggered instant
conference such as a disaster. SIP-Session Initiation Protocol is the
real-time communication protocol for VOIP-Voice over IP. SIP has been
expanded to support video and instant-messaging applications. SIP is
designed to perform basic call-control tasks, such as session call set
up and tear down and signaling for features such as call hold, caller
ID, conferencing and call transferring. However with SIP, the
intelligence for call setup and features resides on the SIP device or
user agent, such as an IP phone or a PC with voice or
instant-messaging software. In contrast, traditional telephony or
H.323-based telephony uses a model of intelligent, centralized phone
switches with dumb phones with SS7-Signaling System 7 in PSTN-Public
Switched Telephone Network telephone switching and H.323 or Media
Gateway Control Protocol in IP telephony providing call
control/routing. For more go to www.sipforum.org
-----
Thursday TECHtionary.com TECH-Tip – Wireless LOS-Line-Of-Site or Sight?
The animated TECH-Tip tutorial is available at http://www.techtionary.com/
The archive animated TECH-Tip tutorial is available at
http://www.techtionary.com/members/slides/w/wifi-refraction.swf
Details
RF-Radio Frequency waves travel in a straight-line what is called
LOS-Line-Of-Sight. This means the user must be in a straight-line
from the antenna for optimum performance. In addition, obstacles such
as other AP-Access Points, buildings, and other objects absorb radio
waves. Users may often receive radio waves which are reflected from
other objects called multi-path. Multi-path radio signals are
generally not as strong or as reliable as direct LOS-Line-Of-Sight.
-----
Friday TECHtionary.com TECH-Tip – Weighted Fair Queuing – Getting
Stuck In Line
The animated TECH-Tip tutorial is available at http://www.techtionary.com
The archive animated TECH-Tip tutorial is available at
http://www.techtionary.com/members/slides/d/dcomsink.swf
Details
Weighted Fair Queuing allocated equal amount of bandwidth to each
packet that crosses the interface based on a FIFO-First-In First-Out
basis. That is, no packet receives Priority Queuing. Weighted Fair
Queuing assigns equal priority on all packets. However, WFQ also
assigns priorities on groups of packets called conversations such as
an FTP-File Transfer Protocol or HTTP-HyperText Transfer Protocol
session. The term conversation is used to indicate a sequence of
packets such as a voice conversation which would ideally not be routed
word by word.
---

END