[VOIPSEC] Confirmed cases of SPIT
Mark Teicher
mht3 at earthlink.net
Tue Mar 14 16:12:35 CST 2006
Some of the current methods of collecting SPIT in order to conduct testing are to archive calls that can be separated into the following categories: call misdials, modem-based war dialing attacks (ToneLoc, Sandstorm, and SecureLogix Modem Dialer are excellent at generating this type of pattern calling for both PSTN and VoIP), misplaced 911 calls, misdirected 411 calls, customer service support calls, sales prospecting, conference calls that are allowed to be recorded (i.e. company financial earnings reports, etc.), recordings of after-hours outgoing announcements, restricted calls, international calls asking which way the water exits the bowl, even setting up an Asterisk PBX with several extensions set up to respond with "You are X caller of Y caller, your wait time is", and a misconfigured dial plan in a test environment. All these examples provide a small sample set of calls to exercise anti-SPIT technologies. But again, receiving a secondary feed of "live" calls to a customer call center would be an interesting exercise also (i.e. a telecom equipment provider Tier support line).
I am sure this is covered in soon-to-be-released security books on VoIP.
-----Original Message-----
>From: jcaldwell at SonicWALL.com
>Sent: Mar 14, 2006 3:48 PM
>To: jon at pgpeng.com
>Cc: Voipsec at voipsa.org
>Subject: Re: [VOIPSEC] Confirmed cases of SPIT
>
>>Re: [VOIPSEC] Confirmed cases of SPIT
>>Jon Callas writes:
>>
>>Does this matter?
>>
>>My home phone number gets spam faxes. Often / usually in the wee
>>hours. It happens often enough that it is our practice to take the
>>phone off the hook. Nothing can be done about it, just ask the phone
>>company. Why should I care about SPIT, given that I'll bet if I
>>switch my phone number to VOIP, nothing will change, and if I get
>>*any* new phone number, it will go away?
>>
>>Jon
>
>Jon,
>Current methods of unsolicited telemarketing revolve around use of POTS
>dialing and switching through a phone company to cause a target phone to
>ring. In some cases, if a target phone is answered, the originating
>call is transferred to a human telemarketer to continue the call. In
>other cases, the system is used to simply deliver a pre-recorded,
>unsolicited message. In either case, it is necessary that the initiator
>be 'switched' by the phone company over the limited number of lines the
>initiator has available. This results in governing the effective rate
>at which an unsolicited caller site can reach targets.
>
>With VoIP, however, and appropriate equipment it is possible to generate
>thousands of concurrent calls without the limiting factor of an
>intervening phone company switch.
>
>Methods such as Number Harvesting discussed by the VOIPSA "VoIP Security
>and Privacy Threat Taxonomy" Working Group could be used to enhance the
>effectiveness of such an approach.
>
>Although we have seen a good deal of press and talk regarding SPIT, I am
>interested in actually hearing of confirmed cases where a SPIT attack
>was experienced. This is in the interest of separating hype from fact.
>
>Regards,
>Jeff Caldwell
>SonicWALL, Inc.
>_______________________________________________
>Voipsec mailing list
>Voipsec at voipsa.org
>http://voipsa.org/mailman/listinfo/voipsec_voipsa.org