[VOIPSEC] Cisco 7920 wireless IP Phones

Robert Thompson Jr. rthompson at columbiabank.com
Wed May 25 13:19:12 CDT 2005 

I am very new to VOIP, so please bear with me.

But when you say that it is trivial to intercept the traffic, you just
mean to receive it right?  You are not talking about deciphering the
information and being able to listen in on the conversation are you?

Why would IPSEC add too much overhead?

Instead of SSH and SSL, could TLS be used?  As I am under the
understanding that TLS doesn't have any more overhead than SSL though is
quite more secure.

Rob.

-----Original Message-----
From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
Behalf Of Christopher A. Martin
Sent: Tuesday, May 24, 2005 5:47 PM
To: 'Finnegan, James M SAM Contractor'; Voipsec at voipsa.org
Subject: RE: [VOIPSEC] Cisco 7920 wireless IP Phones


It is trivial to hijack, intercept, impersonate any type of traffic over
wireless, whether WEP, WAP, etc is implemented. IPSec over it is about
the only safe bet (which adds too much overhead). SSH and SSL can also
be compromised due to wireless hijacking.

-----Original Message-----
From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
Behalf Of Finnegan, James M SAM Contractor
Sent: Tuesday, May 24, 2005 12:03 PM
To: Voipsec at voipsa.org
Subject: [VOIPSEC] Cisco 7920 wireless IP Phones

Greetings all,

  I have run into a problem I was hoping to get feedback on. We are
using the 7920 IP Phones at our sites, running CCM 3.3.

 The Army has decided the wireless link needs to be encrypted with
something other than WEP or WEP  w/LEAP. Our standard wireless
encryption is 3DES.
The
7920's only support WEP or WEP w/LEAP. Has anyone run into this problem?

 

Thanks

 

Mike Finnegan

B.I.T.S.

U.S.Army Corp of Engineers

 

 

_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org


_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

More information about the Voipsec mailing list