[VOIPSEC] VOIP Telephone exploitation
Jerome Athias
jerome.athias at free.fr
Sun Oct 18 03:57:17 CDT 2009
Hi,
crypto on Cisco phones is easily breakable.
The problem is that it couldn't be released because it should be
impossible for Cisco to update the firmwares, and releasing this stuff
would be a nightmare for companies using it.
/JA
Le samedi 17 octobre 2009 à 09:48 -0500, brolen a écrit :
> Since the inception of your group, have you identified a clear cut strategy to detect, identify and guard against remote eavesdropping on a VOIP system such as the Cisco-IP phone. In addition, what tests are being used to identify the activation of the remote maintenance or remote observation features.
>
> I would certainly like to hear from some of your members regarding the defenses and protections for VOIP systems that a company can logically employ.
>
> In addition, has anyone made any headway into the detection and removal of Trojans or rootkits on cellphones. This appears to be a rather large effort for attacking devices such as I-phones, Blackberrys etc.
>
> Thanks,
> Bob Rolen
More information about the Voipsec
mailing list