[VOIPSEC] Vonage To Make 911 An 'Opt-Out' Option
Robert Moskowitz
rgm at icsalabs.com
Fri May 13 16:58:03 BST 2005
At 12:53 AM 5/13/2005, Candace Holman wrote:
>Some locations don't provide traditional 911 access for VoIP, it just
>connects to an out of band administrative line at the answer point. They
>are supposed to make sure that the answer point is aware that emergency
>calls may come in on that admin line. But in terms of security, instead
>of having to go to the trouble of snipping your phone or cable wires, with
>this in place a criminal attacker can just hack your Vonage account to
>disable your emergency communication line.
How does one hack a Vonage account?
I can only think of three ways: Standard SSL MITM attacks (requires shared
media), Keystroke capturing spyware, attacks against Vonage account
server. Number 2 is the most vunerable, it would seem. And the attacker
would typically be after things other than disabling emergency communications?
Robert Moskowitz
Senior Technical Director
ICSA Labs, a division of Cybertrust, Inc.
W: 248-968-9809
F: 248-968-2824
VoIP: 248-291-0713
E: rgm at icsalabs.com
There's no limit to what can be accomplished if it doesn't matter who gets
the credit
More information about the Voipsec
mailing list