[VOIPSEC] Voipsec Digest, Vol 23, Issue 7

Satyam Tyagi sTyagi at sipera.com
Thu Nov 23 23:57:36 CST 2006 

You may want to google "PBX phreaking"
 
you'll find some good sites.
 
For example:
 
http://www.xs4all.nl/~l0rd/phreak.htm
 
I like the paper on pbx phreking.
 
Thanks,
Satyam 
 
----- Original Message -----
From: voipsec-bounces at voipsa.org on behalf of Bill Flanagan 
Sent: Thu, 11/23/2006 1:55pm
To: voipsec at voipsa.org
Subject: Re: [VOIPSEC] Voipsec Digest, Vol 23, Issue 7 
 
 
Attacks against PBXs most often reported are use of the "DISA" feature (dial in, enter 
code, get outside dial tone from the PBX to call anywhere).  Can be done on analog or 
ISDN trunks.  Lots of times the default password on this feature is not changed.  Losses 
used to reach into the hundreds of thousands of dollars per PBX.  Not so common these 
days as it's less trouble to use Skype.

Bill

voipsec-request at voipsa.org wrote:
> Send Voipsec mailing list submissions to
>     voipsec at voipsa.org
> 
> To subscribe or unsubscribe via the World Wide Web, visit
>     http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
> or, via email, send a message with subject or body 'help' to
>     voipsec-request at voipsa.org
> 
> You can reach the person managing the list at
>     voipsec-owner at voipsa.org
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Voipsec digest..."
> 
> 
> Today's Topics:
> 
>    1. Not quite a VoIP security question... (Jason Ross)
> 
> 
> ----------------------------------------------------------------------
> 
> Message: 1
> Date: Thu, 23 Nov 2006 15:18:21 +1100 (EST)
> From: "Jason Ross" <jason at bodgie.org>
> Subject: [VOIPSEC] Not quite a VoIP security question...
> To: Voipsec at voipsa.org
> Message-ID:
>     <36865.192.11.225.118.1164255501.squirrel at www.bodgiecolo.net>
> Content-Type: text/plain;charset=iso-8859-1
> 
> Hi
> 
> As mentioned in the subject it isn't really a VOIP security question.
> Anyway, I have a customer who is concerned about vulnerabilities
> originating from the ISDN services connected to their PBXs. As
> telecommunications security profesionals does anyone know of any attacks
> and or tools and products in this space?
> 
> So far I have not been able to find a great deal of information, hope
> someone can provide some assistance.
> 
> Jason
> 
> 
> 
> ------------------------------
> 
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
> 
> 
> End of Voipsec Digest, Vol 23, Issue 7
> **************************************
> 

-- 

Bill Flanagan
____________________________________________
Flanagan Consulting     Ph:  +1.703.242.8381
45472 Holiday Dr. #3,   Fx:  +1.703.242.8391
Sterling, VA 20166 USA
www.flanagan-consulting.com
       "Experts in Converged Networking"

"Beware of false knowledge; it is more dangerous than ignorance."
                                         --George Bernard Shaw

_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

More information about the Voipsec mailing list