[VOIPSEC] VoIPshield Labs ... I smell a goat...
J. Oquendo
sil at infiltrated.net
Wed Apr 2 15:58:13 CDT 2008
You would think with as many vulnerabilities, VoIPGuard
would be mentioned in at least one advisory:
Google:
Results 1 - 8 of 8 for voipguard cisco. (0.34 seconds)
Results 1 - 2 of 2 for voipguard cert. (0.23 seconds)
voipguard CERT advisory = 0
I could go on, but it would be moot. The only instances
of VoIPGuard and Advisory coming out of the searches are
PR crapaganda:
Results 1 - 10 of about 189 for oquendo cert advisory. (0.27 seconds)
Let me take their first vulnerability as an example:
<FUD>
http://www.voipshield.com/component/option,com_fabrik/Itemid,203/task,viewTableRowDetails/fabrik,1/rowid,16/_cursor,0/_total,44/tableid,1/
In the short term it is recommended that a VoIP aware
IPS product, such as VoIPguard, with signatures to
detect attempts to exploit this issue, be implemented
to prevent it from being exploited.
</FUD>
So either they're re-posting CERT advisories and claiming
them as their own, OR... They're following reckless
disclosure methods and haven't notified any vendor.
Before I released Asteroid 1) I worked with staff Digium
to make sure they knew... 2) Made sure they had a fix
before I made it public
http://www.frsirt.com/english/advisories/2006/4098
Its ironic that the fix is that a "recommended VoIP aware
IPS, such as VoIPguard..." Alright... I recommend I use my
Sentivist... Wait a second... What are the IPS signatures.
Do they exist, if so where are they.
Results 1 - 10 of about 643 for Andrey Markov voip. (0.30 seconds)
1 positive ID which is VoIPShield, the rest are
references to a hockey player.
--
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA #579 (FW+VPN v4.1)
SGFE #574 (FW+VPN v4.1)
wget -qO - www.infiltrated.net/sig|perl
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3AC173DB
More information about the Voipsec
mailing list