The development of the Internet is fuelled by numerous commercial intentions; it is no longer simple information delivery. Moreover, many criminals try to earn profit through the Internet. Thus, the use of the internet should be under the protection of information security in order to assure honest users. The main problems today include Internet phone fraud and internet phone attacks; therefore, in addition to the analysis and management of Internet security vulnerabilities, penetration testing should be added to test the security in a practical Internet environment. This paper consults the related works of DEFSOP and correlative digital evidence from different scholars and develops a higher quality and more suitable DEFSOP. In addition, this paper discusses the security problems faced by the VoIP, lists prevention policies and designs a VoIP DEFSOP to help forensics operators. This paper shows how VoIP DEFSOP works in the operation stage through experiments in order to provide investigators with suggestions for the future.