[VOIPSEC] VoIP and Banking Security
Christopher A. Martin
chris at infravast.com
Sun Jul 10 01:46:02 CDT 2005
A Trojan crafted to cause a UAC to transmit and split traffic in the
clear (for the split traffic) and SRTP to the legitimate receiver might
be a plausible attack. Doesn't require a sniffer either.
Chris
-----Original Message-----
From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
Behalf Of Michael Stauffer
Sent: 06/23/2005 6:33 AM
To: Voipsec at voipsa.org
Subject: [VOIPSEC] VoIP and Banking Security
Al,
Is being able to sniff DTMF Digits not in line with your wishes? :)
Looks like a RFC 2833 dissector to me, available in Ethereal.
So can anyone sniff these packets? Well, in a properly configured,
switched environment, it's not something that's done without effort, but
a malicious agent with sufficient motivation and skill can capture
these, yes. (The previous discussions from this list on the relative
ease of capturing in a switched environment acknowledged). I could be
wrong, but I believe SRTP would take care of this. Thoughts?
Mike Stauffer
BAH
VoIP Security
Greetings,
New here, and yes, I did check the archives first.
I just finished a session with my bank using the touch pad on my phone.
When finished I dumped the packets captured during the transaction
(using
ethereal). I was a little dismayed and a lot alarmed to see wherever
the
protocol was RTP EVE that the numbers I pressed on the phone were
visible in
the info field:
Payload type=RTP Event, DTMF Eight 8
I'm guessing that if I can sniff these packets, so can anyone else.
Anyone have any comments to calm my nerves?
Thanks,
Al
_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
More information about the Voipsec
mailing list