CAREER EPISODE 3
A. INTRODUCTION
CE 3.1
I worked on the project with the project a title of “Design and Implementation of Voice over Internet Protocol” or Design and Security of VoIP Systems. During the tenure, I was studying a Bachelor in Electronics & Communication Engineering at ………… University located at ………… I performed the project under the supervision of Mr. …………… who guided me throughout the entire period starting from …………….. to ………………
B. BACKGROUND
CE 3.2
VoIP (Voice over Internet Protocol) is a communication technology that implements packet switching to ensure wireless internet communication. VoIP supports the algorithm of the PBX system and facilitates the transmission of voice over the internet network, following the same method of sending and receiving e-mail. This project involved the designing and testing of a VoIP based PBX system using penetration testing process to find the vulnerabilities present in the network, exploit those weaknesses and formulate measures to avoid such shortcomings of the network.
CE 3.3
There had been several objectives of this project fixed according to the fundamental goal of the project. I decided to achieve those objectives during the implementation phase of this project to fulfill the goal. The objectives are given below:
To provide network security by identifying drawbacks on VoIP technology
To make a real-life implementation of VoIP tools
To perform the task of the optimization of VoIP PBX system for the network security
CE 3.4
I worked on the project simulation using the VMware tool and make an analysis of the VoIP network virtually. I installed a virtual Operating System for the system and tested the security of the network. Furthermore, I worked on the optimization of the overall system to make its performance better. I developed a better and enhanced routing path for the VoIP system.
CE 3.5
The picture below shows the management level of the organization which was considered during the work.
Figure: Organizational Hierarchy
CE 3.6
As a project leader, I held the responsibility to terminate the entire project with expected outcomes in the given time. So, I performed many duties until during this span which is mentioned in bullets below:
To use VMware tool to design the proposed system and configured the network on its design platform
To install the virtual OS and then establish a platform of telephony
To set the routes for inbound and outbound trunks
To evaluate the parameters concerning the Quality of Service (QoS) of the designed network
To conduct the penetration testing of the devised network system to ensure proper security of the network
C. PERSONAL ENGINEERING ACTIVITY
CE 3.7
I conducted the literature review to get the reference ideas on the development of a VoIP system. I referred the internet to know as many ideas for the VoIP system and gathered all those ideas to obtain quite efficient ideas on project development. I also consulted with my project guide and asked them about project implementation technique and startup. After gathering overall project ideas, I designed the system with enhanced performance and tested it for any security issues.
CE 3.8
I applied my academic knowledge for designing the VoIP system and the security of the system was enhanced by different research conducted during the project. I complied with the regulations of the university while designing and developing this project. I showed ethical and moral behavior towards the team associates and supervisors. Besides this, I considered the IEEE 802.11 standard as I used LAN network to develop a VoIP system. I also took consideration of the IEEE 802.10 standard for the LAN security of the network.
CE 3.9
Primarily, I utilized a virtual OS in VMware to design the proposed system to configure the devised method and to implement the developed network for testing. There, I launched a VMware workstation, clicked on a new virtual machine and selected the virtual machine type i.e. VMX files and clicked on Next. Further, I chose the guest operating system using an installer disc image file and again clicked on Next. Ahead, I entered my product key, created the username as well as password and again clicked on Next. I named the virtual machine and specified its files location to save. Next, I established the disk size of a virtual machine where I selected a single file to store the virtual disk and clicked on Next.
More, I configured several other settings for virtual machines such as USB controller, display, processors, network adapter, etc. and clicked on Finish. Further, I supplied a power to the virtual machine to start the installation of VMware tools automatically and after the installation, I restarted the virtual machine to make all changes in the working state. I applied a scenario consisting of the setup for a small-scale endeavor for communicating within the organization, handling, incoming and outgoing calls using various equipment having a common caller ID. I performed the designing and setup in an artificial surrounding.
In the next stage, I started to establish a platform of telephone network called trixbox PBX to communicate internally using VoIP. There, I installed the VoIP trixbox in VMware virtual box of 64 bit as per my PC requirement. Further, I started the trixbox in VMware software and logged in at Linux level with default ID (root) and password (trixbox). I then configured the IP setting for internet configurations where I provided the IP address, Netmask, default gateway and primary name server and pressed OK on the configuration screen. After completing the configuration of trixbox, I opened the trixbox in my web browser for further configurations.
I selected the switch icon at the top right corner of the trixbox window and provided the user name as “maint” and password as “password” for default registration. Next, I closed the registration page and went to the trixbox platform where I selected the Asterisk and then FreePBX. In the next appeared window, I selected the Setup, clicked on extension and then clicked on “add an extension” to create phone numbers. I created three extensions with different user extension numbers and name for performance testing of VoIP and finally clicked on apply. Next, I installed a softphone named 3CX and configured it. I performed a test call and completed the settings for voice-mail.
After that, I set the routes for inbound and outbound trunks. I selected the service provider for incoming and outgoing data and information. I completed the trunk settings and determined the inbound route to configure the inbound trunk. Similarly, I configured the outbound trunk by completing the setup and selecting the outbound route. Furthermore, I worked on making an evaluation of the parameters concerning the Service Worth of the designed network system to analyze the design as well as the stage of run-time for administrating quality of service (QoS). I determined the accuracy and speed of transmission of packets in the network, calculated & detected the jitter or fluctuations in communication and checked the latency of the system.
Then, I conducted penetration testing of the devised network system to ensure proper security of the network and to determine any flaws that may be present in the designed system. I installed a softphone called X-lite to act as the client and started a spoofing attack to imitate an actual attack on the system. I implemented a backtrack tool called Inviteflood to conduct the spoofing penetration test. I was able to make a deceiving call to the network that proved the trafficking of the network by internet medium. I realized that the system was prone to attackers that sniff the packets to grab unencrypted or unsecured traffic present in the network. Thus, I discussed the issue with my teammates and supervisor to determine the crux of the matter.
I noticed that the network experienced some unwanted VoIP traffic coming from the internet. I did some more studies regarding the invasion of the communication system by outsiders and packet sniffers. I brainstormed on the difficulty and found some practically applicable solutions of the issue. I realized that the use of a VPN tunnel could minimize the attack by external traffic to the network. I consulted my supervisor before implementing the technique. With the approval of my supervisor and the joint consent of all the project members, I decided to implement VPN tunnels. I determined the places within the network boundary that need VPN tunneling with the help of a technician. I used the technique of implementing VPN tunnels in places within the network to solve the issue of unwanted VoIP traffic from the internet.
CE 3.10 TECHNICAL PROBLEMS AND SOLUTIONS
During the test call, when I called a device present in the network, I was unable to complete the call and the server displayed a message that the firewall could not recognize the protocol. I tried another tit for the second time but became unsuccessful. Then, I tried sending a message over the system, but it also turned out to be a failed attempt, as the system displayed the same message again. I could not understand the problem at first, but with the help of my supervisor, I found out the cause of the issue. I realized that the firewall used by my device was an older one which was unable to recognize the protocols used for VoIP. Further, I noticed that the firewall installed in my device failed to detect the protocols of VoIP like Cisco’s SCCP protocol and SIP and blocked the traffic coming under those protocols. I tried updating the firewall to identify the VoIP protocols but was unsuccessful. Then, I brainstormed on the appropriate solution to the issue and contacted my supervisor to solve the problem. I followed the suggestion of my supervisor and implemented the latest firewall on my device for carrying on the operation. After applying the latest firewall, I rechecked the system’s response to VoIP protocols and found that the system worked properly after the implementation of the new firewall.
I encountered a problem when I was implementing the devised system of communication. I completed the design of the proposed plan and prepared the required setup to use the developed system. I tested the design and performed necessary optimization on the design to finalize the model. I created a final model of the VoIP integrated PBX communication system. After completing the task of developing the proposed model, I ran the system to verify its operation. I noticed significant traffic in the system that made the entire system busy and inaccessible to other services of the network. I called my supervisor and asked about the possible measures to overcome the issue. My supervisor suggested me to check the ports and network services, and I did the same to ensure proper operation of the system. I comprehended that due to the use of VoIP, some of the ports for TCP/UDP communication were left open unnecessarily and were not monitored adequately that made the network vulnerable that would get an attack having reference with Denial of Service (DoS). I discussed the problem with a project team and generated a solution to the problem. I devised a strategy of combating the situation created by unexpected DoS attacks on the system. I inspected all the ports of the configuration and shut down all the unessential services and ports that were not in use at the moment. Furthermore, I patched the developed network for the latest vulnerabilities and made the network safe from DoS attacks and other similar interventions of the network.
CE 3.11 CREATIVE WORK
In the project, I set up an intrusion detection system (IDS) to monitor the network, and at the same time, to provide the quick alert if anyone would attempt to hijack the traffic flow. I also considered using a virtual private network in order to provide a high layer of security. I ensured the network monitoring and proper process auditing. I performed all these tasks to provide better security to the VoIP system and to prevent it from any external attack.
COORDINATION:
CE 3.12
I worked with the associate team members and completed the project within the specified time. Being the project leader, I worked on the management of the project activities like coordinating the team and arranging the materials. I used the PERT chart and Gantt chart to achieve the project goals in time. I worked with the team associates and collected all of the design data to develop a final project report. I collaborated with the project supervisor, colleagues and all who involved in the project. I also made a presentation on the project.
D. SUMMARY
CE 3.13
I actively worked with the team in designing and developing the VoIP network for the project. I considered VMware network simulator tool to configure the network. I installed the virtual operating system and established the platform of telephony. I made a different analysis of the VoIP network using this tool. I conducted the penetration test to ensure the good security of designed VoIP system.
CE 3.14
With the implementation of the VoIP tool, I enhanced voice communication within a certain organization or area. The voice data transferred with high speed through this system. The security of the designed system was enhanced and the data was transferred with low cost.
CE C3.15
During the project, I gained a lot of knowledge in the engineering field basically in voice over internet protocol configuration and its security. I led and managed the project team which in turn boosted my leadership as well as management skills. I interlinked my theoretical ideas with real life system development. I liaised with many people during the project and boosted my communication skills.