ISIC for VoIP Phone Stacks

In my last post I noted that it’s a good idea to know how robust your IP phone is to attacks against the stack and mentioned the Targa3 tool for classic attacks. Continuing in this testing approach I’d like to bring up a fantastic tool called ISIC. If you dare to run ISIC, I can almost guarantee it will make any IP phone drop dead in its tracks, reboot, show weird characters on the screen, etc., etc.

Take my word for it, you do not want to run this monster on a production network. To wit, the ISIC page states the following:

“Warning: ISIC may break shit, melt your network, knock out your firewall, or singe the fur off your cat”

A key takeaway of ISIC is that it is not just a single tool, but rather a suite of tools, with each tool (esic, udpsic, tcpsic, etc.) geared toward targeting a specific layer of the IP stack.

Oops… Skype failed to mention this wee minor security update…

Skype today announced that there is a serious security vulnerability in Skype for Windows versions older than 3.6.x.216. As noted:

An exploitable memory corruption may occur during the parsing of URIs which can result in arbitrary code execution under the user rights of the current Windows account.

It turns out that this was fixed in the release back on November 15th, but Skype had an “unintentional communication oversight”:

At Skype, we strive to inform the public of vulnerabilities and malware that may affect Skype software. While this particular vulnerability was fixed, there was an unintentional communication oversight and we failed to bring the case to the public’s attention. All we can do now is to apologize.

Oops!

Thanks for the apology, Skype… and now would be a really good time for any Windows Skype users out there to look at upgrading!

P.S. Tip of the hat to Ryan Naraine’s Zero Day blog where we noticed the item this morning.


Toasting VoIP Phones with Targa3

With all of the VoIP tools available it’s easy to forget to test the IP stack of your VoIP phone for stability from classic attacks. With that in mind, a good tool for accomplishing this basic vetting is called Targa3. Written way back in 1999, Targa3 encompasses several attacks such as Jolt, Nestea, etc. to “generate attacks using invalid fragmentation, protocol, packet size, header values, options, offsets, tcp segments, routing flags, and other unknown/unexpected packet values.”

You can grab Targa3 from Packetstorm here. Oh, and happy toasting. 🙂

VoIP makes the SANS Top 20 Internet Security Risks of 2007 (again)

The SANS Institute just released its Top 20 Internet Security Risks of 2007 Annual update. Yet again this year, VoIP made the list, with a collection of just some of the VoIP vulnerabilities that were disclosed this past year. Check it out. For those of you who don’t want to read the entire document, a decent executive summary is available here.

ISC2 elections now underway – if you are a CISSP, please vote!

Just a note that if any of you out there are CISSP-certified, the elections for the Board of Directors for the ISC2 are happening right now through November 30th. Visit the ISC2 website, log in to the members section and vote for up to 5 candidates (of the 12 running). If you find value in the CISSP, as I do, and would like it to retain its value, I encourage you to spend a few minutes reading through the bios and voting in the election. Ultimately, the direction of the ISC2, and the value of the CISSP certification, is in our hands as certification-holders and ISC2 members.


McAfee Predicts 50% Rise in VoIP Attacks for 2008

McAfee recently published their top ten threat predictions for 2008. Among the other threats, attacks against VoIP systems were predicted to rise by 50% in 2008:

VoIP attacks should increase by 50 percent in 2008. More than twice the number of VoIP-related vulnerabilities were reported in 2007 versus the previous year – several high-profile “vishing” attacks, and a criminal phreaking (or fraud) conviction – so it’s clear that VoIP threats have arrived and there’s no sign of a slowdown.

Colossus Redux

Bletchley Park is the UK’s mecca for people interested in the history of code breaking, and in particular the codes of World War 2. Bletchley Park (in WW2 known as “Station X”) was the home of the code breakers, and where early computing pioneers like Alan Turing worked on the science of breaking cyphers.

This week, a team of volunteers led by Tony Sale completed a 14-year project to rebuild Colossus, one of the code-breaking computers used at Bletchley Park. After the war the machines were dismantled and even the plans destroyed by order of the military, so the Colossus had to be painstakingly remembered and reconstructed, with the help of some of the original engineers that built it. Tony Sale has had a long association with Bletchley Park, and also with remembering and rebuilding the most important antique computers in the British history of computing.

Although the Colossus was somewhat single-minded in its operation, its use of valves as electronic switches paved the way for the general-purpose computers of the 1940s and 50s, and of course the work they did at Bletchley paved the way for the use of encryption technologies that we use today in data and voice applications across the Internet.

Link: Silicon.com report on the Colossus rebuilt.

List of VoIP Security training courses…

Over on his own VoIP Security Weblog, Mark Collier recently posted a nice list of VoIP security training courses. In looking at his list I think there might be one or two other ones we’ve mentioned on Blue Box that I’ll have to dig up… but overall it’s a good list. Thanks, Mark, for putting it together!

This kind of list should really have a home somewhere on the VOIPSA web site under, say, the Resources page. We’ll have to see about putting a page up. Anyone out there interested in being the maintainer of such a page?


Malware tries to entice Skype users with chat msg about lost girl…

Last week I meant to write about this, but Skype is advising people about some malware that is floating around that tries to entice Skype users to click a link that will then infect your computer. The rather despicable fashion the malware uses is to send a chat message that says “Please help me find this girl” referring to Madeleine McCann. Facetime Security Labs has a lengthy writeup that goes into all sorts of details about the particular worm variant. It propagates via IM, so it’s not anything particularly tied into VoIP, but obviously just something people should be concerned about.
