[VOIPSEC] VoIP Attack : How feasible

Hank Cohen hcohen at hifn.com
Fri May 5 16:38:25 CDT 2006 

There are known vulnerabilities of Cisco routers.
Poorly managed network elements can be compromised.
People can be bribed.
Most Ethernet switches have port mirroring capabilities that could be
used.
DNS and BGP can be spoofed to misroute traffic.
It is probably easier to intercept within an enterprise but IP makes the
carrier infrastructure less secure than we have become accustomed to,
not more.

A big difference is that since the implementation of SS7 signaling has
been done out of band on the PSTN.  In the Internet VoIP signaling (SIP)
runs over the same lines so unless the SIP messages are encrypted using
traditional VPN technology (IPsec/SSL/TLS) bogus signaling messages
could be injected  by any nefarious user.

The PSTN wasn't that secure either but physical access generally
required an evesdropper to physically tap a line or gain access to a
central office switch so there was better physical security.  The
Internet provides opportunites to gain access and have the results of
your intercept forwarded to you wherever you might be.

In short there are plenty of vulnerabilities.  My list probably just
scratches the surface. 

Hank Cohen
Hifn

> -----Original Message-----
> From: Voipsec-bounces at voipsa.org 
> [mailto:Voipsec-bounces at voipsa.org] On Behalf Of Gupta, Sachin
> Sent: Friday, May 05, 2006 1:42 PM
> To: voipsec at voipsa.org
> Subject: [VOIPSEC] VoIP Attack : How feasible
> 
> I have a very basic question here.
> How easy or feasible it is to launch any kind of attack on 
> internet , be
> it VoIP or anything else? Apart from the insider attack, how would
> somebody be able to read the data that i sent on wire.
> I can understand that such attacks are possible in an enterprise
> scenario, but do not understand the scenario in which somebody could
> launch these attacks over the internet.
> Can somebody provide some information here
>  
> Thanks
> Sachin
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
> 
>

More information about the Voipsec mailing list