[VOIPSEC] Actual Attacks
Mark Teicher
mht3 at earthlink.net
Sun Feb 27 06:59:03 CST 2005
Some of the attacks mentioned have been used during quality assurance
evaluations to validate whether the particular product can prevent such an
event. Some vendors use testing gear that injects calls from various
sources to ensure their device can handle call center type volume, which can
be interpreted as a denial of service attack in and of itself.
/m
At 05:31 PM 2/25/2005, Brian Rosen wrote:
>Are you aware of this actually happening, or is this all theoretic?
>
>I've never heard of actual incidents of any of this.
>
>The latter (eavesdropping) is actually the reverse; when we do testing, we
>have to go through all kinds of grief to allow the sniffers to get at the
>packets. Someone has to actually bring a hub (not a switch) so we can sniff
>the packets. You can, of course, run Ethereal on some of the actual
>devices. It's amazingly hard to sniff packets in a typical switched
>architecture. When we implement CALEA (legal wiretap), it takes a special
>box that we force all the traffic to go through so we can copy the packets
>to the LEA.
>
>WiFi and your neighbor's cable modem excepted, of course.
>
>Brian
>
> > -----Original Message-----
> > From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
> > Behalf Of Mark Teicher
> > Sent: Friday, February 25, 2005 4:37 PM
> > To: voipsec at voipsa.org
> > Subject: RE: [VOIPSEC] Actual Attacks
> >
> > Actual Attacks
> >
> > SIP Proxy Impersonation
> > SIP Proxy Hijacking
> > Message Tampering - hard to devise a common exploit across VOIP
> > platforms, but most likely possible
> > Denial of Service - depends on the packet, usually just causes a phone to
> > reset, or a port to shutter on the gateway, call server more vulnerable
> > due to the underlying operating system
> > Session Attack - hard to devise a common exploit applicable across all
> > VOIP platforms, possible on some of the well known vendors
> > Eavesdropping - more feasible than most, especially if some of the default
> > features of the particular VOIP equipment are not configured properly.
> >
> > -----Original Message-----
> > From: Robert Moskowitz <rgm at icsalabs.com>
> > Sent: Feb 25, 2005 1:56 PM
> > To: Brian Rosen <br at brianrosen.net>, 'Simon Horne' <security at isvo.net>,
> > voipsec at voipsa.org
> > Subject: RE: [VOIPSEC] Actual Attacks
> >
> > At 09:36 AM 2/24/2005, Brian Rosen wrote:
> >
> > >"Web of Trust" is a failed concept. It works, but we have not been able to
> > >successfully deploy in a large scale.
> >
> > But it CAN work for groups of friends.
> >
> > >Certificate authority chains work only within an enterprise. We have not
> > >really made them work well outside of that.
> >
> > Check out ACES.
> >
> > Check out the Federal PKI and work being done to duplicate it in commercial
> > settings (drug industry for one). Note I am the author of the Bridge CA
> > model in the federal PKI.
> >
> > Thing is you REALLY need a reason to get PKIs to work together. Mail was
> > never one. But VoIP could be.
> >
> >
> > Robert Moskowitz
> > Senior Technical Director
> > ICSA Labs, a division of Cybertrust, Inc.
> > W: 248-968-9809
> > F: 248-968-2824
> > E: rgm at icsalabs.com
> >
> > There's no limit to what can be accomplished
> > if it doesn't matter who gets the credit
> >
> >
> >
> > _______________________________________________
> > Voipsec mailing list
> > Voipsec at voipsa.org
> > http://voipsa.org/mailman/listinfo/voipsec_voipsa.org