[VOIPSEC] Vonage To Make 911 An 'Opt-Out' Option

Brian Rosen br at brianrosen.net
Sat May 14 16:23:29 CDT 2005 

The way administrative lines are provisioned in PSAPs varies all over the
map.  In some jurisdictions, incoming calls to admin lines are part of a
"City Hall" phone system, which may even have an ACD queue on it.
Probably a more common scenario is that the PSAP has a fairly conventional
PBX, and the admin lines are just trunks from the PSTN as any PBX would
have.  There are likely only a few lines (3-6 maybe for a small PSAP).

OTOH, the number of trunks used for "real" 9-1-1 trunks is also pretty
small, often not many more than the number of call taker positions.  The
system is designed to give busy when call takers are busy, and not to queue
very many calls.  They basically would rather you get a busy signal than
have a long wait time for answer.

Brian

> -----Original Message-----
> From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
> Behalf Of Bob Wise
> Sent: Friday, May 13, 2005 12:40 PM
> To: Voipsec at voipsa.org
> Subject: RE: [VOIPSEC] Vonage To Make 911 An 'Opt-Out' Option
> 
> 
> 
> When you say Vonage account server, I assume you mean their
> customer/provisioning system. The call server might also be a target.
> 
> Also...
> 
> - Zombie takeover of PC with a Vonage softphone.
> - DOS attack against the ATA
> 
> Candace - could you clarify the scenario you had in mind a bit?
> Don't any of the attacks against a residential service disable the entire
> service, not just 911? Is this a case where someone is going to say, rob
> you, wants to make sure that your 911 service is disabled so you can't
> call
> for help? If so, seems like a pretty arcane attack to me.
> 
> It DOES seem like the admin lines as you describe it are much more likely
> to
> suffer from DOS attacks than the main call center - maybe even just normal
> emergency traffic. If I have 911 service from Vonage, et. Al, sounds like
> there is a much higher chance of admin line getting overrun by "normal"
> traffic. Comment?
> 
> -Bob
> 
> PS: Can the moderator fix the mailman bounce processing options to deal
> with
> the OOO messages? Thanks.
> 
> -----Original Message-----
> From: Robert Moskowitz [mailto:rgm at icsalabs.com]
> Sent: Friday, May 13, 2005 8:58 AM
> To: Candace Holman; Bob Wise; Voipsec at voipsa.org
> Subject: RE: [VOIPSEC] Vonage To Make 911 An 'Opt-Out' Option
> 
> At 12:53 AM 5/13/2005, Candace Holman wrote:
> >Some locations don't provide traditional 911 access for VoIP, it just
> >connects to an out of band administrative line at the answer point.  They
> >are supposed to make sure that the answer point is aware that emergency
> >calls may come in on that admin line.  But in terms of security, instead
> >of having to go to the trouble of snipping your phone or cable wires,
> with
> >this in place a criminal attacker can just hack your Vonage account to
> >disable your emergency communication line.
> 
> How does one hack a Vonage account?
> 
> I can only think of three ways:  Standard SSL MITM attacks (requires
> shared
> media), Keystroke capturing spyware, attacks against Vonage account
> server.  Number 2 is the most vunerable, it would seem.  And the attacker
> would typically be after things other than disabling emergency
> communications?
> 
> 
> Robert Moskowitz
> Senior Technical Director
> ICSA Labs, a division of Cybertrust, Inc.
> W:      248-968-9809
> F:      248-968-2824
> VoIP:   248-291-0713
> E:      rgm at icsalabs.com
> 
> There's no limit to what can be accomplished if it doesn't matter who gets
> the credit
> 
> 
> 
> 
> 
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>

More information about the Voipsec mailing list