01551nas a2200205   4500000000100000000000100001000000100002008004100003260000900044653002800053653000800081653001700089653000900106653001400115100002400129245008800153300001000241490000700251520108700258       2012                            d  c201210aCritical Infrastructure10aPBX10aPBX security10aPSTN10aTelephony1 aIosif Androulidakis00aPRETTY (Private Telephony Security) - Securing the Private Telephony Infrastructure  a89-970 v283 a<p>Private Branch Exchanges (PBXs) are privately owned equipment that serve the communication needs of a private or public entity making connections among internal telephones and linking them to other users in the Public Switched Telephone Network (PSTN) or other communication networks. Even if the core public network is operating normally, unintentional or targeted damages and attacks in PBXs can cause significant instability and problems. Furthermore, interception of calls is a very sensitive issue that affects all of us. In that sense, it is not an exaggeration to state that PBXs are part of a nation’s critical infrastructure. Much has been said and done regarding data communication security but PBXs have been left unprotected, forgotten and waiting to be attacked. This contribution outlines a targeted, centralized project in order to both educate the users and secure their telephony systems. It compromises of educational, policy, auditing, technical, documentation, hardware and software solutions and actions that could be implemented under a joint project.</p>