[VOIPSEC] VOIP and Forensics

Mark Teicher mht3 at earthlink.net
Thu Mar 17 21:50:05 GMT 2005 

Actually, your missing the point, it discusses how an misc error was detected, etc.  Most people who have been in the telecommunications field for a while, who specialize in installation, maintenance and programming of non-IP enabled PBX's can tell you that tracking a toll fraud or active toll fraud issue is not as trivial as it appears.
Collating call detail records, previous month call detail usage, etc.   It is a well written story as the reason for the mention, but as one can look there are not that many tools available to conduct VOIP forensics as there has been many email postings, book mention and commercial applications to conduct full blown network/workstation forensics.  Some groups are in the midst of building them into service offerings or integrating some components into various IDS/IPS products, but to trace VOIP toll fraud, SPIT or SPIM through a VOIP infrastructure is somewhat daunting today.

-----Original Message-----
From: Carsten Schiefner <enumvoipsip.cs at schiefner.de>
Sent: Mar 17, 2005 3:57 PM
To: Mark Teicher <mht3 at earthlink.net>
Cc: Voipsec at voipsa.org
Subject: Re: [VOIPSEC] VOIP and Forensics

Mark, all -

Mark Teicher wrote:
> BOOK:
> The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage - a good primer/reader on those who might specialize in telecommunications security.
> 
> Cliff Stoll was an astronomer turned systems manager at Lawrence Berkeley Lab when a 75-cent accounting error alerted him to the presence of an unauthorized user on his system. The hacker's code name was "Hunter" -- a mystery invader hiding inside a twisting electronic labyrinth, breaking into U.S. computer systems and stealing sensitive military and security information. Stoll began a one-man hunt of his own, spying on the spy -- and plunged into an incredible international probe that finally gained the attention of top U.S. counterintelligence agents. The Cuckoo's Egg is his wild and suspenseful true story -- a year of deception, broken codes, satellites, missile bases, and the ultimate sting operation -- and how one ingenious American trapped a spy ring paid in cash and cocaine, and reporting to the KGB.

I can only agree. Conincidentially, I re-read it just the other week. 
And apart from what you said, it is also just a well-written crime story 
and a peephole to what WANs were abou 20 years ago.

Best,

	Carsten

More information about the Voipsec mailing list