[VOIPSEC] Vonage To Make 911 An 'Opt-Out' Option
rgm at icsalabs.com
Fri May 13 16:58:03 BST 2005
At 12:53 AM 5/13/2005, Candace Holman wrote:
>Some locations don't provide traditional 911 access for VoIP, it just
>connects to an out of band administrative line at the answer point. They
>are supposed to make sure that the answer point is aware that emergency
>calls may come in on that admin line. But in terms of security, instead
>of having to go to the trouble of snipping your phone or cable wires, with
>this in place a criminal attacker can just hack your Vonage account to
>disable your emergency communication line.
How does one hack a Vonage account?
I can only think of three ways: Standard SSL MITM attacks (requires shared
media), Keystroke capturing spyware, attacks against Vonage account
server. Number 2 is the most vunerable, it would seem. And the attacker
would typically be after things other than disabling emergency communications?
Senior Technical Director
ICSA Labs, a division of Cybertrust, Inc.
E: rgm at icsalabs.com
There's no limit to what can be accomplished if it doesn't matter who gets
More information about the Voipsec