[VOIPSEC] Phone Parrot: The most obnoxious IVR application ever written (for Asterisk)
Shawn Merdinger
shawnmer at gmail.com
Tue Sep 5 14:41:30 CDT 2006
On 9/5/06, Dan_York at mitel.com <Dan_York at mitel.com> wrote:
> I believe Shawn was merely pointing out the existence of the tool and the potential
> security ramifications. To my knowledge, he has no connection with the actual project.
Hrm, I initially thought this response might have been about the
VoipSec digest blasts...in any case I should respond to clarify.
> Personally, I welcome notes like this when someone comes across some new tool that
> has potential VoIP security impact. There certainly are enough new tools cropping up on > a regular basis.
Correct, I have no personal involvement with the project and my
objective for posting and thus informing the list with such tools is
to provide community awareness of VoIP security tools and potential
threats.
On a philosophical note, I suggest viewing these tools for what they
are, and recognizing the multiple purposes and scenarios, good and
evil, in which they can be used. For example, some features of the
Parrot IVR could be used as part of a community awareness alerting
system, calling individuals who wished to be called and informed of an
issue in this fashion. Also, this tool may assist some vendors on
this list who are making products to address these type's of phone
system attacks -- products using VoIP Turing tests come to mind as
related to this type of misuse.
Fwiw, I'm one of the "good guys" here and I am not selling any
products or FUD...just trying to bring the truth.
Thanks,
--scm
More information about the Voipsec
mailing list