[VOIPSEC] UPDATES!! eStara softphone overflow & Cisco IP

[Shawn Merdinger]

> Date: Mon, 16 Jan 2006 11:31:59 -0700
> From: "Smith, Donald" <Donald.Smith at qwest.com>

> One final comment from me.
> It doesn't usually take a 1000 packets to dos the ip stacks found on
> appliances such as ip phones.

Have to agree with you.  My recent testing on voip wireless phones has
been impeded by some phones' inability to withstand even basic
scans/probes.  Pretty amusing stuff, were it not for all the open
ports and debug services left in as well ;)

We should expect targeted attacks of voip endpoints, be they
softphones, wireless, or desktop.  And in the case of many desktop
phones, the extra port for the PC provides additional attack vectors
directly to the endpoints.

Thanks,
--scm