How do I test the impact of Denial of Service (DoS) attacks on VoIP performance?
Traditional DoS attacks employ specially crafted TCP, UDP or ICMP packets to either use up a device’s resources (such as the number of TCP connections that can be sustained) or to congest a system with unwanted traffic. Newer “application attacks” target known application or device vulnerabilities using specially crafted layer-7 packets (e.g., by filling a VoIP-aware firewall state table or exhausting a gateway’s maximum available number of VoIP calls). A vulnerable VoIP service can be disrupted by setting up or tearing down many calls at the same time, or by injecting bogus RTP packets into VoIP streams. In addition, Trojan viruses can be used to eavesdrop on sensitive conversations or to make free long-distance calls. Agilent’s VoIP white paper describes the new types of VoIP DoS attacks. To measure the impact on VoIP performance, first establish a large number of VoIP calls, then slowly ramp up the DoS attack packet rate while graphing the VoIP quality degradation. See the ” VoIP Pe
